SniffJoke

Abstract

The evasion technology, anti sniffing techniques, etc, has been known since the 1998, but an implementation able to work transparently in a gateway or in a client has lacked until sniffjoke.

the main technological trouble is make an userspace software able to delay, mangle and filter the packets sent by kernel. some research exists in the underground, but neither stable nor portable.

Sj is a module based framework and the community support in developing anti-sniffer plugins will be a nice achievement in the fight against the data retention, beside a new IT-security challenge.

it act only client side, detect in your network environment which technique is able to (ab)use, and the receiver will not present any kind of malfunction. Every open source sniffer, packet decoder, flow analyzer, etc, is resulted unable to reassembly correctly the sniffjoke traffic.

is not a security by obscurity technology, and thus the sniffer could not "be simple patched". one of the project motto is: "transform multigigabit sniffer into multikilobit".

develop started in the 2007 by vecna, in the 2010 evilaliv3 has joined the project and in two developer we almost stabilized the 0.4 release. in this month has been added in the backtrack5 distribution, and soon will be released.

Speaker