What is Komodia’s Redirector?

Komodia Redirector

Komodia’s Redirector allows you to change TCP/IP network sessions with a few simple clicks. The platform intercepts traffic (using LSP/WFP) on the local machine based on rules that you define, and it includes many built in functions that you can use without writing a single line of code.

Product Benefits

Save money: Doing it yourself will take one year of trial and error, sure it may work in the lab on a XP VM, but when you try to shift into Vista/7 with all the new browsers and network applications expect things to break down fast. We have already solved these problems for you, so you can focus on what’s really important.

Avoid frustration: each client is assigned with a dedicated account manager to handle your support, the account manager is a programmer so you get a direct access to a developer that is familiar with the SDK and is familiar with your market’s needs and wants.

Save time: Using the SDK reduces time to market by four to eight months that you would spend on trial and error developing a subset of the SDK functionality, we know it’s tempting to think the development will take a month or two, but the reality is that it takes more then that, and you also need to consider double the time you will spend on QA.

No surprises: It’s tempting to go and get something built by a freelancer, in fact some of our clients had a previous solution built for them, but a freelancer will do one or two checks on his virtual machine, and leave you to handle all the bugs yourself, for example: the default MS sample doesn’t work with Safari, iTunes, World of Warcraft, FF, and more! We know this because we already fixed those problems, so there are no surprises (don’t take us at face value, here is a list of development challenges that you need to address doing it yourself or using a freelancer).

Product Information

This unique one of a kind redirection SDK that allows you to develop your network interception and redirection application, with this SDK you would be able to perform the following using a few simple clicks and without the need to write a single line of code:

  • Control which TCP traffic to redirect for your inspection based on: applications, ports, and IPs.
  • Control which UDP traffic to redirect into Socks5 proxy based on: applications, ports, and IPs.
  • Inspect and process the incoming and outgoing traffic that is captured with the rules you have defined.
  • SSL decryption so you will filter even secure sites.
  • Parental control and white/black list URL management.
  • Tunnel all traffic via another proxy server.
  • Enable HTTP header filtering to change request and reply HTTP fields on the fly (e.g. change user-agent, remove a cookie or add custom headers).

In addition the product has optional modules that allows you to:

  • SSL Digestor Decrypt SSL data, process it, modify it (if requried) and encrypt it back to SSL.
  • DNS Hijack – Intercepts DNS requests and prevents them from leaving the computer, perfect for bypassing censored DNS.
  • HTTP Parser – Parses HTTP traffic and gives you the HTTP data parsed (removing GZIP/Deflate encodings, chunked transfers, HTTP 100 responses).
  • Parental control – Performs actual parental control with easy to use keywords interface.
  • Kernel watchdog – Protects the SDK from being removed/modified/stopped by unauthorized users.
  • URL Classification – The SDK has built in module to give you the category of every page the end user visits (URL Classification is sold as an optional service).

With Komodia’s Redirector SDK you can develop number of applications such as:

  • Parental control: block or redirect web pages based on content(using our Parental control SDK.
  • SSL Stream decrypting: You can purchase an additional SSL decrypting module to decrypt the contents of a SSL session and modify the data without alerting the browser.
  • Ad injection: Inject ads/javascripts into any HTTP/HTTPS page without relaying on browser extension or plugin.
  • Ad block: Block any ads inside any HTTP/HTTPS page without relaying on browser extension or plugin.
  • Anonymizer: forward data to a proxy (local or remote), and perform HTTP header modification.
  • Secure anonymizer: forward data to a proxy server while encrypting the session using SSL (with a proxy that supports SSL encryption, e.g., Squid).
  • Spam filtering: filter emails based on content.
  • Traffic control and data manipulation: forward data to a proxy server after you perform custom data modification such as: Changing HTTP data, compressing the data, encrypting the data using other then SSL encryption and of course perform the reverse on the returning incoming data.
  • Traffic monitoring: track surfing activity, limit bandwidth.

There are many reasons why our clients chose Komodia’s Redirector as their interception engine:

  • Instantly develop your application, the SDK doesn’t require network or Winsock LSP programming knowledge.
  • Developing a similar product with all the features takes a skilled Winsock LSP and windows programmer at least three months, don’t forget to add QA time on top of this time frame. The cost of the SDK is only 1850$ (view price quote).
  • Saves time you would have to deal with exotic or common LSP problems – we have already done this for you. Komodia has fixed a wide array of bugs reported by our clients and our clients’ clients, thus saving your precious time from being wasted on QA. (See our bugs page)
  • Tested in commercial releases. Saves you QA costs and allows you to focus on developing and testing the real functionality of your product.
  • Can be used commercially. Similar “free” products come with no support and with GPL licenses, which makes them commercially unusable.
  • 14-day pre-purchase evaluation period, try before you buy.
  • Phenomenal support, you receive either 30 or 60 days of support after purchse (depending on the product and features purchased) which includes: Counseling on the best way to ingerate our products with yours, software update, reported bugs are usualy fixed within 24-48 hours.
  • Easy to interface with API, written using COM technology you can use any language to control the Redirector.
  • Most importantly: Get the Redirector NOW and save at least six months of development and labor costs.
Regular operation without Komodia’s Redirector

Diagram 1

  • Internet Explorer connects to a web server on port 80.
  • Internet Explorer and the web server communicate directly.
Operation with Komodia’s Redirector (configured to intercept port 80 traffic)
Diagram 2
  • Internet Explorer connects to the web server on port 80.
  • The LSP intercepts the TCP/IP communications and redirects to Komodia’s Redirector.
  • At this stage, Komodia’s Redirector can reshape the traffic, block it, or redirect the Internet Explorer session to another web site.
  • All data from the website can be modified and/or blocked. After the data is manipulated, it is forwarded to Internet explorer.
  • The Redirector’s main service is written in C++, can be compiled with VS6 and above and is controller by a COM API.
  • The TCP/IP Redirector component is a Winsock LSP.
  • The LSP is registered using our Advanced LSP installer.
  • Includes two control GUI samples written in VB and MFC using the COM interfaces that the service exports.
  • Works on Windows 2000 / 2003 / 2008 / XP / Vista / 7 / 8 and all 64bit flavors (LSP works on Windows desktop only, WFP works on both desktop and Metro for Windows 8).
  • Built-in support for tunneling via HTTP proxy, HTTP Connect proxy, SSL protected proxy, Socks4, Socks5 and Socks5 with UDP support.
  • Built-in support HTTP header manipulation.
  • Allows extending via DLL interface which can be written in C++ or Delphi (when buying the product with source, you can integrate your code directly inside the product).
  • Allows extending via COM interface which can be written in C++, C#, VB.Net, or Delphi.

Powerpoints how to guides:

Manuals and frameworks:

All prices are for 50,000 end users (you can purchase more users if needed), except for ad injection which have a different pricing per end user.

View the official quote, a partial price list:

Binary version Source version
Basic Redirector 2050$ 4200$
SSL Digestor 1650$ 3400$
HTTP Parser 750$ 1600$

Komodia Security Bulletin
Date: February [25th], 2015

Komodia takes all security vulnerabilities very seriously. Komodia is pleased to present an updated version of its SDK that includes the following updates:

1. The updated version of the Komodia SDK creates a unique root certificate on each device. The password for each certificate is randomly generated.

2. The Komodia SDK removes alt subject field when the certificate validation fails.

3. The Komodia SDK uses the Online Certificate Status Protocol to check the revocation status of certificates.

4. The list of cipher suites supported by the Komodia SDK has been updated.

5. The updated Komodia SDK will delete earlier root certificates containing identified security vulnerabilities from the computer. Please note that the updated Komodia SDK will delete only the root certificate of the client it belongs to.

6. Information concerning a number of certain, specific root certificates that have been shown to be compromised has been preloaded in the Komodia SDK, and the Komodia SDK will not accept such specific certificates as valid.

Komodia acknowledges the efforts invested by individuals in the security community that have helped Komodia protect its customers and end users by discovering security vulnerabilities.

Nothing in this security bulletin shall be interpreted as providing any warranty on behalf of Komodia. Any warranties provided by Komodia must be set forth in a written license agreement between Komodia and the applicable third party. As such, all information in this Komodia Security Bulletin is provided “as is.”

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/) This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)

SSL DigestorDecrypt SSL data, process it, modify it (if requried) and encrypt it back to SSL.