Question

Problem statement: Suppose a parent server is hosted on a machine IP: 1.1.1.1 and that server some time communicates with three different servers say A (1.1.1.2), B (1.1.1.3), C (1.1.1.4). Those servers may be database servers or any other servers. Now from your browser you can send a http request to 1.1.1.1/somePage.htm, as a result some TCP packet will go to the server 1.1.1.1, and 1.1.1.1 can send and receive some TCP packets from A,B,C as well. Aim is to get the information of all TCP packets from the browser machine, without installing any agent software in any servers. One solution is we can write a code at the 1.1.1.1 server machine that will filter all the TCP packets with respect to respective IPs. But I don’t want that solution. Is there any way to solve this issue? Is it possible to introduce new protocol for this? But server codes can’t be modified.

No correct solution

OTHER TIPS

Does "any agent software" includes something like Wireshark? Usually the way to look at all datagrams received is by using a sniffer like Wireshark or you can use tcpdump in Linux servers.

You can also use Netfilter to handle received packets in the server an take certain actions on them.

If all the above is included in what you don't want to do the only alternative I see is to add another server in the middle between the browser and the web server (or between the server and a load balancer if you have a load balancer) that acts only as a router or bridge. In that machine you can inspect and filter TCP segments with all the available tools.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top