Problem statement: Suppose a parent is hosted on server machine IP: 1.1.1.1 and something in that server The time is called three different servers A (1.1.1.2), B (1.1.1.3), C (1.1.1.4). They can be server database servers or other servers. Now you can send an http request to 1.1.1.1/somepage.htm from your browser, as a result some TCP packets will go to server 1.1.1.1, and 1.1.1.1 a TCP can send packets and packets, target C as well, without installing any agent software in any server, get all TCP packet information from the browser machine. One solution is that we can write a code on server machine 1.1.1.1 which will filter all TCP packets in relation to the related IP. But I do not want that solution. Is there any way to solve this issue? Is it possible to present a new protocol for this? But server codes can not be modified.
Does any agent software include anything like Verhark? The usual way to see all the datagrams obtained is by using sniffing like a wirhark or you can use TCPDump in Linux servers.
You can also use NetFilter to handle the packets received in the server.
If all of the above are included which you do not want to do only one, I see that between the alternate browser and the web server (or between the server and a load balancer there is a load balancer) between In between, adding another server which acts as a router or bridge, in that machine, you can inspect and filter the TCP segment with all available tools.
Comments
Post a Comment