Suppose a client workstation 192.168.1.1 sending ftp, http, ssh traffic using 192.168.1.254 (Linux based) router to server outside our network, and you would like to cut ftp traffic without effecting other connection? So how you are going to do that? Simply use cutter utility.
Cutter is an open source program that allows Linux firewall administrators to abort TCP/IP connections routed over Linux based firewall. This tool is very handy in situation like:
To terminate connection such as SSH tunnels or VPNs left by our own users
To abort crackers attacks as soon as they detected
To kill high bandwidth consuming connection
To kill peer-to-peer traffic etc ...
But how to use it?
Download the cutter and install it on Linux firewall:
1) Login to your iptables based firewall router
2) Identify your internal connection (use netstat or tcpdump)
3) Use cutter as follows
cutter {IP-address} {Port}
Examples:
Cut all connections from 192.168.1.5 to server
# cutter 192.168.1.5
Cut all ssh connection from 192.168.1.5 to server
# cutter 192.168.1.5 22
Cut all ssh connection from 192.168.1.5 to ssh server 202.54.1.20
# cutter 202.54.1.20 192.168.1.5 22
Please note that cutter has been designed for use as a administrators tool for Linux firewalls do not use this tool for malicious purpose. For more information about this tool & how actually it works by sending FIN -> ACK -> RST sequence of packets to terminate connection, see the official web site.
0 comments:
Post a Comment