|
dsniff/ettercap do not work without NAT iptables
Hi fellow security "experimenter".
I recently bought a n810 with the hope of using it for security testing. I have kismet, ettercap and dsniff installed and working. However, they cannot do anything (at least for dsniff and ettercap) until the kernel supports a way to reroute the traffic to these tools. It can be ipchains or iptables. Iptables is available on os2008 but is missing the NAT tables. I've seen multiple post on these forum saying that these tools were working, but I think that what was meant is that they could be launched but not really do anything useful. Did I miss something ? is there an easy way to get the NAT tables modules for os2008 without recompiling a kernel ? Thanks for any help. JC |
Re: dsniff/ettercap do not work without NAT iptables
Hi JC,
Did u solve the NAT problem???If yes please gimme some pointers since even I'm stuck with this NAT problem.. |
Re: dsniff/ettercap do not work without NAT iptables
Any updates how get ipatables to work?
|
Re: dsniff/ettercap do not work without NAT iptables
|
Re: dsniff/ettercap do not work without NAT iptables
I'm pretty new kernel. What should I do with the netfiler-diablo.tgz file?
|
Re: dsniff/ettercap do not work without NAT iptables
Open xterm (or ssh into the device) make sure you have root privileges (sudo gainroot is an option), and run
tar -C /lib/ -xzf netfilter-diablo.tgz Then insmod all the necessary modules, and iptables will work. |
Re: dsniff/ettercap do not work without NAT iptables
After the tar part, what do I have to do with insmod?
Really, this is my first time to deal with it. |
Re: dsniff/ettercap do not work without NAT iptables
Run the commands:
insmod /lib/modules/2.6.21-omap1/net/netfilter/nf_conntrack.ko insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/nf_conntrack_ipv4.ko insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/nf_nat.ko insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/iptable_nat.ko insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/iptable_raw.ko insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/ipt_REDIRECT.ko insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/ipt_SAME.ko insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/ipt_MASQUERADE.ko insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/ipt_NETMAP.ko Please note that this enables NAT, but I never tried any of kismet, ettercap or dsniff, so I don't know if that is enough to make them work. |
Re: dsniff/ettercap do not work without NAT iptables
already tried insmod but still no success to run the following command:
iptables -t nat -I POSTROUTING -o bnep0 -j MASQUERADE iptables: No chain/target/mach by that name any ideal? |
Re: dsniff/ettercap do not work without NAT iptables
Are you sure the module iptables_nat is inserted properly (check with lsmod)?
What is the result of iptables -t nat -L |
Re: dsniff/ettercap do not work without NAT iptables
The result of iptables -t nat -L is:
Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination |
Re: dsniff/ettercap do not work without NAT iptables
Then the nat table and the POSTROUTING chain exist. The problem has to be with the MASQUERADE target. Is the ipt_MASQUERADE module inserted? What is the output of lsmod?
|
Re: dsniff/ettercap do not work without NAT iptables
Hmm... When I type in
iptables -t MASQUERADE -L I got the following: iptables v1.3.6: can't inintalize iptables table 'MASUERADE': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. And when I try to rerun the command: insmod /lib/modules/2.6.21-omap1/net/ipv4/netfilter/ipt_MASQUERADE.ko I got the following: insmod: cannot insert '/lib/modules/2.6.21-omap1/net/ipv4/netfilter/ipt_MASQUERADE.ko': File exists (-1): File exists Any ideal??? |
Re: dsniff/ettercap do not work without NAT iptables
MASQUERADE is a target, not a table, so the command you ran should fail.
Please run the command iptables -t nat -I POSTROUTING -j MASQUERADE and report the result. PLEASE, please also include the output from lsmod. |
Re: dsniff/ettercap do not work without NAT iptables
I ran the command
iptables -t nat -I POSTROUTING -j MASQUERADE and the result is: iptables v1.3.6: no command specified Try 'iptables -h' ro iptables --helo' for more information |
Re: dsniff/ettercap do not work without NAT iptables
The I is a capital i, not a small L.
|
Re: dsniff/ettercap do not work without NAT iptables
When I type in:
iptables -t nat -I POSTROUTING -j MASQUERADE there aren't any output. Just show a new prompt. any ideal? |
Re: dsniff/ettercap do not work without NAT iptables
This means that the command is accepted without errors. This is the unix way - no unnecessary output.
Now try the same successful command with additional -o bnep0 and see if it works. |
| All times are GMT. The time now is 01:15. |
vBulletin® Version 3.8.8