Kill TCP connections

cool_penguin_smallThere are times when you want to kill TCP connections forcibly because of reasons like network lag, possible intrusion detected from any IP etc. Try tcpkill. It supports various options and kills the connections by sniffing the traffic. For example, to kill all connections to FICS immediately, I run:

$ sudo tcpkill -i wlan0 host

While tcpkill uses a passive approach, the killcx Perl utility uses an active approach – it successfully spoofs a SYN packet on behalf of the client and sends it to the server. The server than replays with a valid TCP packet revealing the ACK and SEQ numbers. As soon as this this is on a wire the killcx sniffs this up and sent RST to kill the active session.

Leave a Reply

Your email address will not be published. Required fields are marked *