diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/Makefile | 1 | ||||
| -rw-r--r-- | security/sasp/Makefile | 21 | ||||
| -rw-r--r-- | security/sasp/distinfo | 2 | ||||
| -rw-r--r-- | security/sasp/pkg-descr | 23 |
4 files changed, 47 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile index 034834a1dcc0..2d2960f2f5f2 100644 --- a/security/Makefile +++ b/security/Makefile @@ -450,6 +450,7 @@ SUBDIR += samba-vscan SUBDIR += samhain SUBDIR += sancp + SUBDIR += sasp SUBDIR += scanlogd SUBDIR += scanssh SUBDIR += seahorse diff --git a/security/sasp/Makefile b/security/sasp/Makefile new file mode 100644 index 000000000000..343815f95b28 --- /dev/null +++ b/security/sasp/Makefile @@ -0,0 +1,21 @@ +# New ports collection makefile for: sasp +# Date created: 2 September 2004 +# Whom: sviat +# +# $FreeBSD$ +# + +PORTNAME= sasp +PORTVERSION= 0.1 +CATEGORIES= security +MASTER_SITES= http://sviat.opengeeks.it/codes/sasp/ + +MAINTAINER= sviat@OpenGEEKS.it +COMMENT= A tool that permits to use a gateway whatever IP we have + +BUILD_DEPENDS= ${LOCALBASE}/include/libnet/libnet-types.h:${PORTSDIR}/net/libnet-devel + +NO_WRKSUBDIR= yes +PLIST_FILES= sbin/sasp + +.include <bsd.port.mk> diff --git a/security/sasp/distinfo b/security/sasp/distinfo new file mode 100644 index 000000000000..84f43f2249cb --- /dev/null +++ b/security/sasp/distinfo @@ -0,0 +1,2 @@ +MD5 (sasp-0.1.tar.gz) = 01cdaf87a0ac27bc5d52a01e4e858c78 +SIZE (sasp-0.1.tar.gz) = 3709 diff --git a/security/sasp/pkg-descr b/security/sasp/pkg-descr new file mode 100644 index 000000000000..4e8190943d13 --- /dev/null +++ b/security/sasp/pkg-descr @@ -0,0 +1,23 @@ +This is a tool that uses ARP poisoning to have a scenario +like this: we have a LAN and we want offer connectivity to every- +one coming here with his laptop for example. It could happen that +our customer has his network parameters already configured to +work correctly in his own LAN, but not working here. We can have +then this scenario: +Customer's host (10.0.0.2/8 and default gateway set to 10.0.0.1) +Our LAN (192.168.0.0/24 with real gateway 192.168.0.254). +All that we want is that our customer plugs his laptop and joins +the internet without changing nothing of his network parameters. +Here comes this tool installed in my real gw(192.168.0.254) It's +a sort of sniffer, because it sniffs broadcast ARP requests for +the gateway and answers that the gateway is itself In our example +our customer's laptop sends this request: arp who-has 10.0.0.1 +tell 10.0.0.2 Now our gateway does the following: 1) Sends back +this reply to 10.0.0.2: arp reply 10.0.0.1 is-at his_mac_address +2)Create the alias 10.0.0.254 (ARP is not routable so we need one +alias for each subnet that is not our one) 3)Sends itself an ARP +reply to refresh his ARP cache +It is different from proxy arp for two reasons: first it runs in +user space, then in this case we can plug machines belonging to +whatever subnet, while proxy arp is used in the case of only two +different ones. |