Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: internet => linux pc (mitm) => router => client ?

  1. #1
    Junior Member Lucifer's Avatar
    Join Date
    Feb 2010
    Posts
    75

    Default internet => linux pc (mitm) => router => client ?

    would this work? I'm guessing it will, but how would I have to setup the routing part? could someone help me with those iptables?

    an internet box, but instead of connecting it to the router, I want to put my backtrack system in between the router and the internet box, to sniff.

    Thank you,

    d.

  2. #2
    Junior Member skidmarq's Avatar
    Join Date
    Jan 2010
    Posts
    88

    Default Re: internet => linux pc (mitm) => router => client ?

    I think what you are looking for is "echo 1 > /proc/sys/net/ipv4/ip_forward"

    This will allow your Linux box to process and forward packets...

  3. #3
    Member
    Join Date
    Feb 2010
    Posts
    75

    Default Re: internet => linux pc (mitm) => router => client ?

    as skidmarq regarding ip_forward

    Then use ettercap for your MIM.

  4. #4
    Member
    Join Date
    Jan 2010
    Posts
    332

    Default Re: internet => linux pc (mitm) => router => client ?

    You should consider the type of connection between the router and the internet.

    Internet(ISP) -> Router -> LinuxBox(mitm) -> Router -> Client
    In this type of setup there's not much to it 'cause you're operating on a LAN connection.

    Internet(ISP) -> LinuxBox(mitm) -> Router -> Client
    However in this setup the WAN connection between the ISP and the Router takes the task to another level.
    SecurityTube has two new sections. Questions & News

  5. #5
    Member xX_Spiidey_Xx's Avatar
    Join Date
    Jan 2010
    Location
    /dev/urandom
    Posts
    256

    Default Re: internet => linux pc (mitm) => router => client ?

    Quote Originally Posted by #mfBaranian# View Post
    You should consider the type of connection between the router and the internet.

    Internet(ISP) -> Router -> LinuxBox(mitm) -> Router -> Client
    In this type of setup there's not much to it 'cause you're operating on a LAN connection.

    Internet(ISP) -> LinuxBox(mitm) -> Router -> Client
    However in this setup the WAN connection between the ISP and the Router takes the task to another level.
    I'm presently working on a mod of your variation #2:

    Code:
    Internets -> Smoothwall
    
    Smoothwall --> DMZ -> MITM Linux Box - -> Router - - > Broadcasting (single) Open AP
            |                                    |   - - > Web Server
            | - - > Green LAN
            | - - > Apple Time Capsule - - > Green LAN computers
    The aim of this network setup is to educate thieves by taking any packets that aren't destined for the Web Server (so anyone using the Open AP), and redirect them inside the MITM Linux box to a static HTML file, stating something like this:

    "WARNING - In using Open Access points, your data (passwords, emails, chat conversations, etc) is UNENCRYPTED. Bad people do bad things with this information. You will not be able to access the internet through this router; This is a user education platform. Further, you have been redirected to this page because you were trying to steal internet from somebody who doesn't appreciate it. Stealing is a crime. Your MAC address has been recorded. Next time, be more cautious, and use YOUR OWN internet connection, thief."

    Of course, I could just run the router on the MITM box, without connection to the DMZ, but what if I need to remotely manage the box? It's going to be headless, so it'd be *just a little* difficult to manage locally.

    Now, for the legal aspect of this setup:

    If I were to allow users to connect to the internet and cache data on them (I.E. websites they visit, google searches, emails), as far as I know, I am legally required (in some places; my lawyer's response is pending for Canadian Law) to publish a warning to the user, informing them that their activities are being monitored and stored, and provide my contact information.

    A setup like this in a briefcase (or something like that) is very black hat (and quite likely very illegal), where you operate a "porta-net" from the case; bridging the adapter to an external ISP, and not saying a peep about it. This activity is NOT supported here.

    Always remember to follow your local laws (and foreign, if you're operating out-of-country). If you are unsure about them, don't do it until you are absolutely certain, and have gotten legal advice from a legitimate source on the legality of this activity.

    As previously stated, this is a work in progress, and won't go live until I've received legal advice from my lawyer.
    Last edited by xX_Spiidey_Xx; 03-23-2010 at 11:32 PM.
    thou shalt treat all computers as thou wouldst treat thyself, for thou art the creator of thine own problems.

  6. #6
    Member xX_Spiidey_Xx's Avatar
    Join Date
    Jan 2010
    Location
    /dev/urandom
    Posts
    256

    Default Re: internet => linux pc (mitm) => router => client ?

    As for the legal perspective from a Canadian Lawyer, this is a grey area. Chances are that it wouldn't hold up in a court here, even if you had a disclaimer, and collected data from users connected to your AP.

    Where this would be a valuable resource, however, is if you have a legitimately, intentionally "Free WiFi" AP, and need to have some evidence on hand should somebody connect to your AP and (let's say) download something like kiddy porn. Law enforcement, in cooperation with your ISP would see what was being downloaded on your IP. Where this becomes the clutch possession in the network scheme is the evidence that it was NOT indeed you, who downloaded said illegal (and downright immoral) material. Unfortunately, this PC would then become the property of law enforcement for evidence, and you still will probably find yourself in court explaining why.

    Best course of action is to just avoid this completely. If you're still going to set up a fake AP, and want to be intelligent about it, do as I said previously and set it up standalone-style, with an internal redirect to a "user education" portal, which does not collect, process or store personal data.

    Also of important note, is that I have cancelled all plans for building this. Besides that, I have much better things to do with spare computers and time 'round here.
    Last edited by xX_Spiidey_Xx; 03-25-2010 at 06:41 AM.
    thou shalt treat all computers as thou wouldst treat thyself, for thou art the creator of thine own problems.

  7. #7
    Senior Member micole's Avatar
    Join Date
    Jan 2010
    Location
    Charleston, SC
    Posts
    121

    Default Re: internet => linux pc (mitm) => router => client ?

    Quote Originally Posted by xX_Spiidey_Xx View Post
    I have much better things to do with spare computers and time 'round here.
    Like what may I ask? :P Still wanting to work on the "H4ckzor" button?
    Common Knowledge: Username, "root". Password, "toor". "startx" gives you a GUI, and "fix-vesa" will fix BT if you have no GUI. Start networking with "/etc/init.d/networking start" and check your IP settings with "ifconfig -a". "dhclient" will automatically use DHCP for your IP. Google is your friend.

  8. #8
    Junior Member Lucifer's Avatar
    Join Date
    Feb 2010
    Posts
    75

    Default Re: internet => linux pc (mitm) => router => client ?

    Spidey, thanks for your input.
    I would only use this for testing purposes, out of curiosity, nothing illigal about that.
    I'm going to try and set it up tomorrow.

    ps: I don't know how much a visit to your lawyer costs, but here in belgium, it's about 375 dollar. for every visit. so I would only go there if my life depends on it.

    .L
    Last edited by Lucifer; 03-25-2010 at 02:56 PM.

  9. #9
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: internet => linux pc (mitm) => router => client ?

    Quote Originally Posted by Lucifer View Post
    ps: I don't know how much a visit to your lawyer costs, but here in belgium, it's about 375 dollar. for every visit. so I would only go there if my life depends on it.
    .L
    So based on the above one could postulate that you value your own life at 375 dollars.

  10. #10
    Member
    Join Date
    Jan 2010
    Posts
    332

    Default Re: internet => linux pc (mitm) => router => client ?

    Also of important note, is that I have cancelled all plans for building this. Besides that, I have much better things to do with spare computers and time 'round here.
    CUDA server, anyone?
    SecurityTube has two new sections. Questions & News

Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 71
    Last Post: 12-23-2010, 11:35 AM
  2. rogue AP + MITM (tutorial or script request)
    By Lucifer in forum Beginners Forum
    Replies: 8
    Last Post: 04-12-2010, 12:40 AM
  3. mitm with ethercap
    By reslan_912 in forum Beginners Forum
    Replies: 3
    Last Post: 03-13-2010, 12:24 PM
  4. PPPoE connection under a router
    By SeekNDestroy in forum Beginners Forum
    Replies: 0
    Last Post: 02-20-2010, 04:07 PM
  5. wireless router/signal emulation/simulation
    By 31415926535 in forum Beginners Forum
    Replies: 2
    Last Post: 02-01-2010, 01:46 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •