
Slashdot | Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release

Reknamorken
Topic: Miscellaneous 10:09 pm EST, Nov 18, 2002

Just reference for me. This is cool shit.

Wow. Read this:


Minewt is a minimal "testbed" implementation of a stateful address translation gateway, rendered so entirely in userspace that not even the hardware addresses of the gateway correspond to what the kernel is operating against. Minewt implements what is commonly referred to as NAT, as well as a Doxpara-developed technique known as MAT. MAT, or MAC Address Translation, allows several backend hosts to share the same IP address, by dropping the static ARP cache and merging Layer 2 information into the NAT state table. Minewt's ability to manipulate MAC addresses also allows it to demonstrate Guerilla Multicast, which allows multiple hosts on the same subnet to receive a unicasted TCP/UDP datastream from the outside world. Minewt is not a firewall, and should not be treated as such.

Is this a potential mechanism for maintaining state on a couple of VRRP'ed OpenBSD pf firewalls???

I know it's not what it's intended for, but you might be able to leverage his MAT capability in such a way.

More:


Paratrace traces the path between a client and a server, much like "traceroute", but with a major twist: Rather than iterate the TTLs of UDP, ICMP, or even TCP SYN packets, paratrace attaches itself to an existing, stateful-firewall-approved TCP flow, statelessly releasing as many TCP Keepalive messages as the software estimates the remote host is hop-distant.

How slick is that???
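
The MAT description quoted above, as an added example that is not part of the original post or of the Paketto code: a toy state table in which two backends share 10.0.0.5 and are told apart only by the MAC stored with each flow, next to plain NAT where the same two flows collapse into one entry. Class names, addresses and the port allocation are assumptions made for illustration.

```python
# Toy model of a NAT state table with and without Layer 2 (MAC) information.
# Illustrative only: names and port allocation are assumptions, not Minewt's code.

class Gateway:
    def __init__(self, public_ip, mat, first_port=40000):
        self.public_ip = public_ip
        self.mat = mat              # True: MAC is part of the flow state (MAT)
        self.next_port = first_port
        self.out = {}               # inside flow key -> external port
        self.back = {}              # (proto, ext_port, remote) -> inside endpoint

    def outbound(self, src_mac, src_ip, src_port, proto, remote):
        """Record state for an inside->outside packet; return the translated source."""
        mac = src_mac if self.mat else None   # plain NAT never looks at Layer 2
        key = (mac, src_ip, src_port, proto, remote)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(proto, self.next_port, remote)] = (mac, src_ip, src_port)
            self.next_port += 1
        return (self.public_ip, self.out[key])

    def inbound(self, proto, ext_port, remote):
        """Return (dst_mac, dst_ip, dst_port) for a reply, or None if no state exists.
        dst_mac None means the gateway must fall back to an ARP lookup for dst_ip."""
        return self.back.get((proto, ext_port, remote))


def demo(mat):
    # Constructed sample: two backends sharing one IP address, differing only by MAC.
    host_a = ("02:00:00:00:00:0a", "10.0.0.5", 1025)
    host_b = ("02:00:00:00:00:0b", "10.0.0.5", 1025)
    remote = ("198.51.100.7", 80)
    gw = Gateway("192.0.2.1", mat)
    _, port_a = gw.outbound(*host_a, "tcp", remote)
    _, port_b = gw.outbound(*host_b, "tcp", remote)
    return (port_a, port_b,
            gw.inbound("tcp", port_a, remote),
            gw.inbound("tcp", port_b, remote))


if __name__ == "__main__":
    for mode in (False, True):
        print("MAT" if mode else "NAT", demo(mode))
```

With `mat=False` both hosts land on the same external port and the reply carries no MAC, so delivery depends on whichever host answers ARP for 10.0.0.5; with `mat=True` each reply resolves to the MAC recorded when the flow was created.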
