
man-in-the-middle



Hi guys,

I need to drop a box in between two public services (windows boxen), that will 
route traffic between the two.   They *can* see each other directly, but are 
not allowed to (for reasons beyond my control).   So far so good, except for 
one thing.  It looks like this:

A (win)  -----------------------  B (lin) ------------------------  C (win)

What should happen is that A will contact B (on B's IP) thinking that it is 
the windows PC.  And vice-versa.  C will contact B (on B's IP) thinking it is 
A.  So NATing both ways.   Any traffic arriving at A sent from C will look to 
A as if it's coming from B, and vice versa.   I hope that's clear enough.

B has two interfaces, and I have no access to  A or C - can't change anything 
on them.  Let's say the IPs are:
A = 60.60.60.60
B = 70.70.70.1 and 70.70.70.2
C = 80.80.80.80

I've been reading loads of iptables docs, most of Rusty Russell's stuff too but 
it's confusing me more.  From what he writes it almost looks like I'll need 
more than one machine in between, which is also out of the question (rackspace 
costs money).

Any suggestions will be appreciated!

Thanks 
-- 
Kind regards
Hans du Plooy
Newington Consulting Services
hansdp at newingtoncs dot co dot za
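
The two-way NAT described in the message above can be done on a single Linux box with one DNAT and one SNAT rule per direction. This is an added example, not part of the original post: it only prints the iptables commands, and it assumes 70.70.70.1 is the address A connects to and 70.70.70.2 the address C connects to (the function names are illustrative).

```shell
#!/bin/sh
# Added example: prints (does not apply) the rules for a two-way NAT relay on B.
# Assumption: A talks to 70.70.70.1 and C talks to 70.70.70.2; the post does
# not say which of B's addresses faces which host.

# nat_pair SRC LISTEN DEST OUT
# SRC connects to LISTEN on B. B rewrites the destination to DEST (DNAT) and
# the source to OUT (SNAT), so DEST only ever sees B's address. Connection
# tracking reverses both rewrites on the reply packets automatically.
nat_pair() {
    src=$1 listen=$2 dest=$3 out=$4
    echo "iptables -t nat -A PREROUTING -s $src -d $listen -j DNAT --to-destination $dest"
    echo "iptables -t nat -A POSTROUTING -s $src -d $dest -j SNAT --to-source $out"
    # FORWARD sees the packet after DNAT and before SNAT: source SRC, dest DEST.
    echo "iptables -A FORWARD -s $src -d $dest -j ACCEPT"
}

# relay_rules A B_FOR_A B_FOR_C C
# Full rule set: forwarding on, default-deny in FORWARD, replies allowed,
# and only A<->C flows relayed. Any other source hitting B is not forwarded.
relay_rules() {
    a=$1 b_for_a=$2 b_for_c=$3 c=$4
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    nat_pair "$a" "$b_for_a" "$c" "$b_for_c"   # A -> B -> C
    nat_pair "$c" "$b_for_c" "$a" "$b_for_a"   # C -> B -> A
}

# Addresses from the post.
relay_rules 60.60.60.60 70.70.70.1 70.70.70.2 80.80.80.80
```

Review the printed rules, then run them as root on B. The `-s` matches keep B from relaying for any host other than A and C.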


