|
|
Mechanism of "Little Snitch's" Operation
|
|
|
|
Fresh-Faced Recruit
Join Date: Jan 2003
Status:
Offline
|
|
I was just wondering where to start reading about how to implement a utility similar to Little Snitch... I want to be able to see incoming and outgoing network connections, and possibly be able to stop/reroute/etc them. Does this involve hard-core KEXT stuff? Does this involve some ettercap-style hacking?
Also, how can I get a list of SSH users, and the ability to boot them individually? How about similar services, HTTP, AFP, etc?
Thanks,
Daniel Staudigel
|
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Apr 2004
Status:
Offline
|
|
try tcpdump (command-line util) to get network info... I dunno if you want to write a gui for that or try to figure out how it does it's stuff (hey, it's opensource, right?), but that's probably a good starting point.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2001
Location: Chico, CA and Carlsbad, CA.
Status:
Offline
|
|
Originally Posted by dstaudigel
Also, how can I get a list of SSH users, and the ability to boot them individually? How about similar services, HTTP, AFP, etc?
Look into `last` and `lsof`...
tcpdump, as the previous poster commented, is a nice tool, however there are others like it that are more robust. Tools of that nature tune into a packet filtering device through the use of libpcap (I like `ngrep` and `ethereal`). I'm not sure if LittleSnitch does this too.
|
"In Nomine Patris, Et Fili, Et Spiritus Sancti"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|