I think I summed it up in the title. Regarding the question, I have been evaluating my options for utilities that allow me to craft, capture, and analyze TCP/IP packets. I am very new to network programming and I am still learning as I go, but at this point, I want to write a program that establishes a TCP connection.
Here are my goals (long term to short term):
- Deploy and code a system that can establish an ssh connection between two computers behind NATs given their local host names (i.e. feynman.home to feynman.work) and the IP addresses of their routers. I would also like to be able to guide the connection across a set of hops if possible/necessary. No using third parties or closed source code of any kind. @
- Rewrite (and possibly modify) pwnat in a “cleaner” format (i.e. using some well developed library for a high level language.)
- Establish ssh connection between two hosts behind the same NAT (using my own code of course.)
- Establish TCP connection between two hosts behind the same NAT (using my own code of course.)
I have managed to find netexpect which seemed very promising until it failed to build on my Mac OS X (my computer is going through a glitchy period right now.) Netexpect may well be the best option, but I have come across quite a few others (e.g. scapy and its perl and ruby implementations.) Many of these are not well maintained (e.g. scapy and its perl and ruby implementations.)
So, I thought it would be best to bring the question to stackoverflow (unless there is a better stackexchange I am not aware of.)
*Given the current state of my computer (don’t ask) portability is important.
*I would prefer something well maintained/under active development as to best assure I will have all the tools I will need for my short and long term goals.
*Finally, I would prefer something that uses an interpreted language for a host of reasons ranging from my experience to my preference.
@ Yes, I am fully aware there are easier ways. I want to do it my way because this is just as much a learning experience as it is practical.
Most of what you described involving routing the connection between multiple hops/NATs – isn’t done in the SSH client at all. It would involve having access to several network routers and setting up all those NATs in advance, then those translations would already happen automatically when the connection is routed through.
Are you talking about proxying your connections through multiple servers? That could be accomplished by a macro that logs in to server A, then automatically invokes ssh again from server A to get to server B and so on.
Could you describe in some more detail what you are trying to accomplish?
Edit: I just read the description of pwnat. That is incredibly proprietary (and won’t work in every situation anyway, since many configurations block ICMP completely). If you really wanted to try it out, you’ll probably be stuck with C/C++. I don’t think Java or .NET gives you the kind of low-level flexibility that you would need to packet craft, for security reasons. Have you looked at Ostinato: http://code.google.com/p/ostinato/wiki/Downloads?tm=2 or Nemesis: http://nemesis.sourceforge.net/
Pretty much everything on Windows will use WinPcap and on *nix it will use libpcap.