> Hello. Someone recommended I post this program to you. I hope you find it > interesting: > > > http://www.tenebrous.com/rain/ This is effectively a tool for sending various types of semi-random floods towards an IP destination. It seems more suited to stack testing than DoS, though(its floods are reasonably filterable). This brings up an interesting question: Perhaps there should be a reasonable toolkit for testing network services--something like "netfuzz", that would send various patterns at different load levels heuristically seeking those patterns that might cause instabilities. *So* many daemons are released that can't handle even minor amounts of noise that this might actually be a useful general purpose tool *before* releasing code to test your daemons against. Particularly if one could compile their clients against a randomizing fuzz library(i.e. so only an individual argument on a request would be suddenly sent out of bounds). Perhaps no library would be needed at all...think, "noisy netcat" :-) Thoughts? Yours Truly, Dan Kaminsky, CISSP http://www.doxpara.com
This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 14:31:47 PDT