Results 1 to 2 of 2

Thread: MITM on TCP with ettercap.

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Nov 2009

    Default MITM on TCP with ettercap.

    Hello forum users,

    I am a student and performing experiments for a course at my university. I have ubuntu 9.04; and installed ettercap (GTK) and wireshark. I am connecting my laptop with an ethernet cable to a switched network.

    The goal is to analyse the congestion control mechanism of TCP, and in particular its reaction to congestion notifications (dupl ACKs, or timeout).
    To simulate network reordering (and its impact on TCP) or duplicates (generated by network), I need to reorder packets on transit, e.g., sent by a server, so that the receiver (client) identifies a gap in the sequence numbers which will trigger dupl ACK.

    I am using ettercap to capture the TCP segments. I need to delay every e.g., i packets, and to let packet i+1 to go through (for instance by duplicating it, and then transmitting the duplicate, once packet i is sent, to release all the i+1 of packets). As a result, the receiver receives packet i+1, and then packets 1,...,i,i+1. If i>3 the receiver will generate three dupl ACKs and the transmission rate at the sender will be halved.

    I did not find an info on how to delay the packets using ettercap. Does ettercap provide such a functionality (or is there an equivalent ettercap filter)? There is also an option to execute a shell command in ettercap filter, how can I accomplish this with a filter?
    Any help is highly appreciated.
    Thanks in advance.

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010


    We do not support Ubuntu. No matter what you installed into /onto it.
    To be successful here you should read all of the following.
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts