Monitor and Edit Network Traffic

[Redhatcc]

I have two personal home computer, a little project of mine i have been working on.

Is there a program that monitors network traffic and can edit packets that is more less easy to pick up on for someone that is somewhat computer savvy? Not really trying to install 2 nic's into one computer and direct all the traffic from one of my computers to the other and then to the internet. But if i must install two nic's into one computer to hook the other computer into before it hits the modem i will.

Basically my target is if i type in www.google.com on one computer, i want it to be able to change it with the other computer once i click enter to www.yahoo.com

Or is this little project of mine a lost hope haha?

[James_A]

I may be missing the point, but isn't that exactly what a proxy server does?

At the home user level, parental control software also does this - but mostly tends to block rather than re-map domains.

[uid0]

You could set the victim pc use a dns server running on the other pc, or just edit the hosts file of the victim, if it really is just google you want to avoid.

[tain]

For your end goal it would be easier to use your hosts file to redirect the hostname to the other IP.

[Redhatcc]

hmm.. i might have asked this in the wrong way.

im talking more about editing the packets down to the actual packets...

[SecretNinja]

Hi Redhatcc,

Your question was understood, however for the example usage you gave DNS spoofing or a proxy server are both much better methods. If you want to intercept the packets and modify the data in real time i think you will find that substantially harder. For one each packet has a check sum to verify its not been tampered with which would be beyond most peoples skills to spoof. Far better would be acting as a man in the middle as either a router or a proxy. For example using something like squid 3 and an ICAP server you can rewrite webpages in real time so that, for example, all html tags defining the font colour for black are changed to pink, or all txt sitting between <p> tags is reversed. You could also use a url rewriter to redirect people to different parts of a site or different sites altogether. for example you can enforce google safesearch with a simple url rewrite that appends &safe=active to the end of your query string. both these methods are limited only by your own inventiveness. I saw one setup that processed the webpages via a filter to render them upside down as a joke on a wifi freeloader.

I manage a substantial estate of proxy servers which is why i personally would use that method to intercept and modify traffic. but im sure that much of that can be accomplished by a router as well.

Can you clarify what exactly would would like to accomplish by editing the raw tcp traffic?

[Redhatcc]

well its not a major project of mine, but im always digging into stuff that is a bit confusing.

say i have a little brother, and he talks on AIM. each time he sends "Hey!" it would be neat for it to be modified as "Bye" just for a mean time..

projects like these keep me learning while i am between major projects

[tain]

If you really want to play around at the packet level you might want to start here. Of the options listed, Scapy is the one I've heard the most about.