Sniffjoke 0.4.1 - a sniffer evasion tool (Anti-IDS/IPS)

[firebits]

Sniffjoke 0.4.1 - a sniffer evasion tool (Anti-IDS/IPS)
SniffJoke (Sj) implements a set of anti sniffing technology itself, but begins developed as a modular framework.

Will easily be supported by a security community that want to exploit and explore sniffing faults. SniffJoke is an application for Linux that handle transparently your TCP connection, delaying, modifying and injecting fake packets inside your transmission, make them almost impossible to be correctly read by a passive wiretapping technology (IDS or sniffer). An internet client running SniffJoke injects in the transmission flow some packets able to seriously disturb passive analysis like sniffing, interception and low level information theft. No server supports needed!

Sj in the 0.4 release, hacks & mangles your network at layers 3 and 4. But with further development of plugins, you could well make all protocols at every layer scrambled, so that they can’t be detected by network sniffers.
This is the official change log:

• GPG verified autotest files
• Documented autotest operations
• Bug fixed discovered in 0.4 rel

Get from the master branch: https://github.com/vecna/sniffjoke/tarball/master

System requirement:
Linux Kernel 2.6.16, tun support, root privileges.

Package requirement:
g++ cmake gpp (to install) tcpdump curl (to run autotest) gpg (optional)

Download Sniffjoke v0.4.1 (sniffjoke-0.4.1.tar.bz2)
http://www.delirandom.net/sniffjoke/...e-howto-usage/

@firebitsbr

[Scamentology]

this sounds like a useful idea

[bofh28]

I thought the best way to evade sniffing was to encrypt all of your traffic. Yes I know about man in the middle attacks, and presenting clients with false ssl certs so you decrypt the clients traffic. Lets take ssh for example, if you used public/private keys and already exchanged keys with the ssh server before the man in the middle attack began you should be fine. Please correct me if I am wrong.

[balding_parrot]

already committed