SniffJoke 0.4 beta 4 – betatesting invite

Posted on 17 March 2011 by vecna

Sniffjoke 0.4 (now 0.6) Betatesting invite

What’s SniffJoke ?

Sj is a  Linux free software that injects packets in your TCP connections. The injection doesn’t interfere with the contents of your connections, but a sniffer in the path will not be able to reassemble the flow.

How can you help us testing SniffJoke ?

Download the software: http://github.com/vecna/sniffjoke under a Linux system. then run by root:

mkdir build && cd build && cmake .. && make && make install

the default configuration will create a “generic” location (usually, depends from your  system defaults):/usr/local/var/sniffjoke, in this dir you will find the logfiles and the configuration files.

Start the autotest of your network, with the autotesting script:

sniffjoke-autotest -l office -d /usr/local/var/sniffjoke -n 4

This will generate /usr/local/var/sniffjoke/office directory, and starting sniffjoke with:

sniffjoke –-debug 5 --location office –-start

BETATESTING: use it on the client or on the default gateway: when Sj is running, make your daily activities and check the usability of the internet connection. If you have some problem, run “sniffjokectl stop” and retry: if the problem doesn’t happen: you’ve found a bug :(

optional configurability:

[1] set a blacklisting/whitelisting IP sets, causing sniffjoke to mangle only the session directed versus specific IP addresses.

[2] set the strength (aggressivity) for each TCP/UDP port

[3] every kind of attack that will bring down a sniffer is implemented in a plugin, you will easily enable or disable a plugin

[4] to start/stop sniffjoke, use the client sniffjokeclt, it is connected to the default UDP port where sniffjoke service is binded: 127.0.0.1:8844, useful commands: sniffjokectl info, sniffjokectl stat, sniffjokectl ttlmap

Testing in unusual network environments is especially appreciated. the sniffjoke-autotest generate a compressed report that you are invited to sent at sniffjoke-team <at> delirandom.net Check the effects in the sniffer/IDS (already tested vs: wireshark, dsniff, xplico: all broken) and report the results.

About vecna

Claudio Agosti (I, in this section) is currently working in some projects involving: steganography, anonymity, deep level networking, voip and mobile network security and online human right protection. Mix well, put a sprinkle of anti-forensic, serve cold. The worst issue in those really cool projects is that no one is financing me, thus sometime I need to work. Jobs actually include developing and few security issue to manage. Dreams ? A world where everyone has N-pseudonyms, certified by web of trust security model. I'm not "security certified" except lifeguard, I'm bored by penetration testing, and my future is painted with javascript. keywords: vecna, s0ftpj, sniffjoke, globaleaks, winston smith project, elettra.
This entry was posted in english, hacking and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>