Re: TCP stack smashing

To:	"R. DuFresne" <dufresne@sysinfo.com>
Subject:	Re: TCP stack smashing
From:	"crazy frog crazy frog" <i.m.crazy.frog@gmail.com>
Date:	Sun, 18 Mar 2007 22:39:38 +0530
Cc:	"Nicolas RUFF" <nicolas.ruff@gmail.com>, pen-test@securityfocus.com, bpmlist@sonic.net, pen-test-return-1078483754@securityfocus.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Dkim-signature:	a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=if4yojDfbI9Sd5lteRulcpnl/RaB6INrIG4XkT1fpmKVhqRIF0K8vOIfq3pGO9cqRBh08/NOWRcqx73DSOX1oVTbZ+jbRP3uIpWCoayniJWyDy4lEqGydR2ReWwmqAitpv03A3RwBVf7JHa+nZocQ722QCmdPSlCr4WPLv2qWHE=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=CMCgZGKq6f8MTIlSEsb5h3gmzZI6tF+bdffaIu2/Gs355UeZ1lpO2OhJP5Z2ugKNt1jOKFgXlubL4etQ92c6HDhyAUmQHYCwl3h17JxC1VbCg8pAtFnhpo2mSRdbTqC+rXm3UmdfWIkTWEd2q+hVLP52dj81amUDLj4sL03dAGI=
In-reply-to:	<Pine.LNX.4.64.0703141652130.27224@darkstar.sysinfo.com>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<1173405143.11617.ezmlm@securityfocus.com> <17909.66.129.224.36.1173398987.squirrel@webmail.sonic.net> <45F3D8A7.6080703@gmail.com> <Pine.LNX.4.64.0703141652130.27224@darkstar.sysinfo.com>
Resent-date:	Tue, 20 Mar 2007 07:19:30 -0700 (MST)
Resent-from:	pen-test-return-1078483805@securityfocus.com
Resent-message-id:	<20070320141930.89B9614693D@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

PROTOS test suit??

On 3/15/07, R. DuFresne <dufresne@sysinfo.com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 11 Mar 2007, Nicolas RUFF wrote:

>> I am looking for a tool that can be used to stress the tcp implementation
>> on our web/application server. I remember there used to be a tool called
>> EvilTCP that could be integrated
>> into the bsd/linux kernel to emulate a bad TCP implementation. However I
>> cannot find it on google. Can anybody help with this or do you know of any
>> similar utility that I can use to make malformed TCP transactions
>> (request/response).
>
> Not sure if this is what you are looking for, but the ISIC tools
> collection (and namely TCPSIC) can flood your server with bad TCP fragments.
>

If I recall, having played with those years ago, if used aggessivly, and
merely mildly aggessivly, there was not a TCP stack we could find that did
not get hosed to a state requiring a reboot to recover from.  Those are
not tools to be played in production envs fer sure.


Thanks,

Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant:  sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFF+GEyst+vzJSwZikRAt3WAJ4yaeusg3z7q7FGiKlbTm8X7MVPDgCfcQjI
O4+NFqF2UKqGRbbnd3EZAl4=
=ASNd
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



--
---------------------------------------
http://www.secgeeks.com
get a blog on secgeeks :)
register here:-
http://secgeeks.com/user/register
rss feeds :-
http://secgeeks.com/node/feed
Submit you security articles,send them to secgeek@secgeeks.com

http://www.newskicks.com
Submit and kick for new stories from all around the world.
---------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
TCP stack smashing, Balaji Prasad Re: TCP stack smashing, Shaon Diwakar RE: TCP stack smashing, Clement Dupuis Re: TCP stack smashing, Santiago Barahona Re: TCP stack smashing, Ivan . Re: TCP stack smashing, Nicolas RUFF Re: TCP stack smashing, R. DuFresne Re: TCP stack smashing, crazy frog crazy frog <= Re: TCP stack smashing, R. DuFresne RE: TCP stack smashing, MARTIN Benoni RE: TCP stack smashing, R. DuFresne Re: TCP stack smashing, Matthias Hofherr Re: TCP stack smashing, Mathew Rowley RE: TCP stack smashing, MARTIN Benoni Re: TCP stack smashing, Tyler Krpata

Previous by Date:	TOOL: LLTD implementation in Perl, GomoR
Next by Date:	Re: TCP stack smashing, Mathew Rowley
Previous by Thread:	Re: TCP stack smashing, R. DuFresne
Next by Thread:	Re: TCP stack smashing, R. DuFresne
Indexes:	[Date] [Thread] [Top] [All Lists]