Kali
Iptable_Evil is a very specific backdoor for iptables that allows all packets with the evil bit set, no matter the firewall rules. The initial implementation is in iptable_evil.c, which adds a table to iptables and requires modifying a kernel header to insert a spot for it. The second implementation is a modified version of the ip_tables core module and its dependents to allow …
Continue reading “Iptable_Evil : An Evil Bit Backdoor For Iptables”
The Port Scan Attack Detector psad is a lightweight system daemon written in is designed to work with Linux iptables/ip6tables/firewalld firewalling code to detect suspicious traffic such as port scans and sweeps, backdoors, botnet command and control communications, and more. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that …
Continue reading “Psad : Intrusion Detection & Log Analysis with IPtables”
