
Re: man-in-the-middle



On Thu, 7 Oct 2004 08:21 pm, Hans du Plooy wrote:
> Hi guys,
>
> I need to drop a box in between two public services (windows boxen), that
> will route traffic between the two.   They *can* see each other directly,
> but are not allowed to (for reasons beyond my control).   So far so good,
> except for one thing.  It looks like this:
>
> A (win)  -----------------------  B (lin) ------------------------  C (win)
>
> What should happen is that A will contact B (on B's IP) thinking that it is
> the windows PC.  And vice-versa.  C will contact B (on B's IP) thinking it
> is A.  So NATing both ways.   Any traffic arriving at A sent from C will
> look to A as if it's coming from B, and vice versa.   I hope that's clear
> enough.
>
> B has two interfaces, and I have no access to  A or C - can't change
> anything on them.  Let's say the IPs are:
> A = 60.60.60.60
> B = 70.70.70.1 and 70.70.70.2
> C = 80.80.80.80
>
> I've been reading loads of iptables docs, most of Rusty Russell's stuff too
> but it's confusing me more.  From what he writes it almost looks like I'll
> need more than one machine in between, which is also out of the question
> (rackspace costs money).
>
> Any suggestions will be appreciated!
>
> Thanks
> --
> Kind regards
> Hans du Plooy
> Newington Consulting Services
> hansdp at newingtoncs dot co dot za

I believe you want it to act as a router? Or use squid?

-- 
--------------------------------------------------
The NSA and FBI would be unhappy to know that this email contains 
no information for Echelon about bombings killing people.
It may contain information about Information Security, Hacking, PGP, 
So you guys can go Blowfish at the next HOPE conference.

This is my own part of the Information Warfare Stop reading my mail.
If this is not directed to you via a mail list you are not entitled to read 
it.