Re: TCP stack smashing

To:	pen-test@securityfocus.com
Subject:	Re: TCP stack smashing
From:	Mathew Rowley <mathew.rowley@gmail.com>
Date:	Sun, 18 Mar 2007 21:21:07 -0600
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Dkim-signature:	a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:date:from:to:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type; b=qR0wXFRycGL/AGWPoajDv3M/RDCM+my3kyuGCtrA8qr/WhycZwJqKxAwwPymJ7OaYr67rJ06i8cBSpAmIce7fY0yQW+dAw+/u9mHeGFbev0hUjk+EWp2v+CTsaAM4daLePRS+OCEbBrSL/uxI2h4fX5yKKPsvYSwYMcMQpLQiBE=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:date:from:to:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type; b=hn6mhqwDuFbSMT/qZPeqNZqkoGd/ZUOckgnINw4e26dlfe6QMiHqg5l91jtqZ61cG0bPWPLd42KsrQBHsAvxp0/KjBmhfSqQkDbPW0aKCHf8I83LIZziU4+zAL8mcsXfJg8NyZicUHjjK/xdc+J2ORjIl9GFmdH1m9BETfuhINI=
In-reply-to:	<Pine.LNX.4.64.0703141652130.27224@darkstar.sysinfo.com>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<1173405143.11617.ezmlm@securityfocus.com> <17909.66.129.224.36.1173398987.squirrel@webmail.sonic.net> <45F3D8A7.6080703@gmail.com> <Pine.LNX.4.64.0703141652130.27224@darkstar.sysinfo.com>
Resent-date:	Tue, 20 Mar 2007 07:20:21 -0700 (MST)
Resent-from:	pen-test-return-1078483809@securityfocus.com
Resent-message-id:	<20070320142021.64D2F1610E3@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

You may want to check out Scapy... It is a python based tool that can create 
any type of packet... Its extremly powerful but takes a while to figure out.

http://www.secdev.org/projects/scapy/

hope this helps


On Wed, 14 Mar 2007 16:55:11 -0400 (EDT)
"R. DuFresne" <dufresne@sysinfo.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Sun, 11 Mar 2007, Nicolas RUFF wrote:
> 
> >> I am looking for a tool that can be used to stress the tcp implementation
> >> on our web/application server. I remember there used to be a tool called
> >> EvilTCP that could be integrated
> >> into the bsd/linux kernel to emulate a bad TCP implementation. However I
> >> cannot find it on google. Can anybody help with this or do you know of any
> >> similar utility that I can use to make malformed TCP transactions
> >> (request/response).
> >
> > Not sure if this is what you are looking for, but the ISIC tools
> > collection (and namely TCPSIC) can flood your server with bad TCP fragments.
> >
> 
> If I recall, having played with those years ago, if used aggessivly, and 
> merely mildly aggessivly, there was not a TCP stack we could find that did 
> not get hosed to a state requiring a reboot to recover from.  Those are 
> not tools to be played in production envs fer sure.
> 
> 
> Thanks,
> 
> Ron DuFresne
> - -- 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>          admin & senior security consultant:  sysinfo.com
>                          http://sysinfo.com
> Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629
> 
> ...We waste time looking for the perfect lover
> instead of creating the perfect love.
> 
>                  -Tom Robbins <Still Life With Woodpecker>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
> 
> iD8DBQFF+GEyst+vzJSwZikRAt3WAJ4yaeusg3z7q7FGiKlbTm8X7MVPDgCfcQjI
> O4+NFqF2UKqGRbbnd3EZAl4=
> =ASNd
> -----END PGP SIGNATURE-----
> 
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
> 
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> 
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>

signature.asc
Description: PGP signature

<Prev in Thread]	Current Thread	[Next in Thread>
RE: TCP stack smashing, (continued) RE: TCP stack smashing, Clement Dupuis Re: TCP stack smashing, Santiago Barahona Re: TCP stack smashing, Ivan . Re: TCP stack smashing, Nicolas RUFF Re: TCP stack smashing, R. DuFresne Re: TCP stack smashing, crazy frog crazy frog Re: TCP stack smashing, R. DuFresne RE: TCP stack smashing, MARTIN Benoni RE: TCP stack smashing, R. DuFresne Re: TCP stack smashing, Matthias Hofherr Re: TCP stack smashing, Mathew Rowley <= RE: TCP stack smashing, MARTIN Benoni Re: TCP stack smashing, Tyler Krpata

Previous by Date:	Re: TCP stack smashing, crazy frog crazy frog
Next by Date:	RE: windows 2003 server, Salvador.Manaois
Previous by Thread:	Re: TCP stack smashing, Matthias Hofherr
Next by Thread:	RE: TCP stack smashing, MARTIN Benoni
Indexes:	[Date] [Thread] [Top] [All Lists]