Modifying all outgoing/incoming network TCP/IP packages

Post by oll » Sat, 27 Apr 2002 18:00:32


Currently I'm writing a thesis about steganography. The focus is to
hide information (and extract the hidden info.) in the TCP/IP header.

I'm about to conduct a small experiment. In a Linux host, a module of
some kind shall catch all outgoing network packets and modify them
before they are sent.

Now to the question: How can I modify _all_ outgoing/incoming network
packages from/to a Linux host? The fundamental functionality is thus
the ability to modify network packages.

Can I use raw sockets?

I've seen an example of a kernel module that drops network packages
randomly. Would this be a better approach perhaps?

Any information is greatly appreciated!



1. Exchange Source IP in incoming IP Packages


I have a problem with Linux, DNS and a NAT router.

The Linux machine has a private IP, the NAT router is configured as the
DNS server. The NAT router itself uses DDNS and forwards all enquiries to
the provider's DNS server.

The problem is, the NAT router will not translate the IP addresses in
the answer packages of the provider's DNS server. So for the Linux
machine it looks like the DNS answer is coming from a different machine than
the one the enquiry was sent to. The enquiry was sent to the NAT router, the
answer is coming from the provider's DNS. Because of that DNS doesn't work.

Is there a way to exchange the source IP address of the DNS answering
packages to the NAT router's IP, maybe by iptables?

Thanks for any help

