Re: rain

From: JJohnson (jjohnsonat_private)
Date: Mon Jul 02 2001 - 15:00:37 PDT

Previous message: Erick B.: "Re: un-hibernating laptop using old network settings"
In reply to: Dan Kaminsky: "Re: rain"
Next in thread: Sec i386: "Re: rain"
Next in thread: Michael: "Re: Re: rain"
Maybe reply: Michael: "Re: Re: rain"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If you like rain, you'll also like isic.

ISIC

IP Stack Integrity Checker 

ISIC is a suite of utilities to exercise the stability of an IP Stack and its component stacks (TCP, UDP, ICMP et. al.) It generates piles of pseudo random packets of the target protocol. The packets can be given tendancies to conform to. Ie 50% of the packets generated can have IP Options. 25% of the packets can be IP fragments... But the percentages are arbitrary and most of the packet fields have a configurable tendancy.

The packets are then sent against the target machine to either penetrate its firewall rules or find bugs in the IP stack.

ISIC also contains a utility generate raw ether frames to examine hardware implementations. 

Other novel uses people have found for ISIC include IDS testing, stack fingerprinting, breaking sniffers and barraging the IRC kiddie. 

http://www.packetfactory.net/Projects/ISIC/

This package does require libnet.  Which can be found at:

http://www.packetfactory.net/libnet/dist/

-miah

On Mon, Jul 02, 2001 at 06:19:39AM -0700, Dan Kaminsky wrote:
> 
> > Hello. Someone recommended I post this program to you. I hope you find it
> > interesting:
> >
> >
> > http://www.tenebrous.com/rain/
> 
> This is effectively a tool for sending various types of semi-random floods
> towards an IP destination.  It seems more suited to stack testing than DoS,
> though(its floods are reasonably filterable).
> 
> This brings up an interesting question:  Perhaps there should be a
> reasonable toolkit for testing network services--something like "netfuzz",
> that would send various patterns at different load levels heuristically
> seeking those patterns that might cause instabilities.
> 
> *So* many daemons are released that can't handle even minor amounts of noise
> that this might actually be a useful general purpose tool *before* releasing
> code to test your daemons against.  Particularly if one could compile their
> clients against a randomizing fuzz library(i.e. so only an individual
> argument on a request would be suddenly sent out of bounds).
> 
> Perhaps no library would be needed at all...think, "noisy netcat" :-)
> 
> Thoughts?
> 
> Yours Truly,
> 
>     Dan Kaminsky, CISSP
>     http://www.doxpara.com
>

Next message: Sec i386: "Re: rain"
Previous message: Erick B.: "Re: un-hibernating laptop using old network settings"
In reply to: Dan Kaminsky: "Re: rain"
Next in thread: Sec i386: "Re: rain"
Next in thread: Michael: "Re: Re: rain"
Maybe reply: Michael: "Re: Re: rain"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 22:12:11 PDT