TCP Proxy

The TCP Proxy plugin is a man-in-the-middle for TCP connections. Just like the Sniffer plugin, it is intended for intercepting data being passed between 2 TCP nodes.

You set it up with a specific interface and TCP port to listen on and a specific destination address to connect to. Whenever a client connects to the server side of TCP Proxy, the client side establishes a secondary connection to the specified desintation. Then TCP Proxy keeps passing data back and forth between its two peers while logging everything in the process.

In some situations, this proxy approach is better than a sniffer.

Using a sniffer for intercepting the packets of a connection you want to monitor isn’t always easy. For example, if it’s TCP over Wi-Fi, Pcap doesn’t cut it. Or it could be regular Ethernet networking, but with both nodes outside of your local network segment, beyond the reach of a sniffer. Redirecting TCP communications through IO Ninja TCP proxy solves these problems.

Another reason to use a proxy instead of a sniffer is clarity of representation. When you use a TCP proxy, it’s easy to follow the actual data exchange. The log looks just like when you’re using the TCP Connection plugin, as opposed to the packet-based representation generated by a sniffer.