./net/isic, Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 0.07, Package name: isic-0.07, Maintainer: pkgsrc-users

ISIC (and components) is intended to test the integrity of an IP
Stack and its component stacks (TCP, UDP, ICMP et. al.) It does
this by generating a controlled random packet (controlled randomness...
wacky huh?). The user can specify he/she/it [I'm tempted to put
'it' before 'she' :-)] wants a stream of TCP packets. He/she/it
suspects that the target has weak handling of IP Options (aka
Firewall-1). So he/she/it does a 'tcpsic -s rand -d firewall
-I100'. And observes the result.

A great use for ISIC would be to fire it through a firewall and
see if the firewall leaks packets. But of course that would be
illegal because Network Associates owns a bogus patent on that :-)
You could do that by setting the default route on the sending
computer to the firewall..... But that would be illegal. (But I
can't legally have a beer so do you think I care about laws?)

By far the most common use for these tools is testing IDS systems.
A day after I took the source offline and moved it to a cvs server,
a half dozen people working on separate home-grown IDS systems
emailed requesting the source be put back up.


Required to build:
[devel/libnet11] [pkgtools/cwrappers]

Master sites:

Filesize: 38.89 KB

Version history: (Expand)

CVS history: (Expand)


   2021-10-26 13:07:15 by Nia Alarie | Files touched by this commit (958) 
Log message:
net: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts...):

net/radsecproxy/distinfo

The following distfiles could not be fetched (fetched conditionally?):

./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
   2021-10-07 16:43:07 by Nia Alarie | Files touched by this commit (962) 
Log message:
net: Remove SHA1 hashes for distfiles
   2020-03-20 12:58:37 by Nia Alarie | Files touched by this commit (640) 
Log message:
*: Convert broken sourceforge HOMEPAGEs back to http
   2020-01-19 00:36:14 by Roland Illig | Files touched by this commit (3046) 
Log message:
all: migrate several HOMEPAGEs to https

pkglint --only "https instead of http" -r -F

With manual adjustments afterwards since pkglint 19.4.4 fixed a few
indentations in unrelated lines.

This mainly affects projects hosted at SourceForce, as well as
freedesktop.org, CTAN and GNU.
   2016-02-25 17:20:53 by Jonathan Perkin | Files touched by this commit (47) 
Log message:
Use OPSYSVARS.
   2015-11-04 01:35:47 by Alistair G. Crooks | Files touched by this commit (748) 
Log message:
Add SHA512 digests for distfiles for net category

Problems found with existing digests:
	Package haproxy distfile haproxy-1.5.14.tar.gz
	159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]

Problems found locating distfiles:
	Package bsddip: missing distfile bsddip-1.02.tar.Z
	Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz
	Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2
	Package djbdns: missing distfile djbdns-cachestats.patch
	Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch
	Package gated: missing distfile gated-3-5-11.tar.gz
	Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz
	Package poink: missing distfile poink-1.6.tar.gz
	Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz
	Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch
	Package waste: missing distfile waste-source.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2012-10-23 19:19:22 by Aleksej Saushev | Files touched by this commit (671) 
Log message:
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
   2009-12-09 13:32:22 by OBATA Akio | Files touched by this commit (4) 
Log message:
Update isic to 0.07.

pkgsrc changes:
* change HOMEPAGE and MASTER_SITES to new Sourceforge's one.
* set LICENSE=2-clause-bsd
* add user-destdir support

ISIC (v0.07)	12/22/2006, by Shu Xiao (sxiao@cisco.com)

	- New IPv6 utilities: isic6, tcpsic6, udpsic6, icmpsic6.

	- New tool multisic for sending random multicast UDP packets.

	- Fixed compilation errors with GCC v4.

	- Added -k skip option for esic per the request from some users.

	- Placed the flood control under low traffic limit case only.

		The original flood protection code calls gettimeofday(),
		and runs after sending each packet. This is time consumping
		and prevents the tool from reaching high traffic limit
		on high speed interface (eg. 1000Base-TX). Now the flood
		control will take effect only if the specified maximum rate
		is less than 10MB/s.

	- Corrected -t option bug with tcpsic:

		The old one was using it reversely, e.g. -t 30 would generate
		packet with 30% of them having correct TCP checksum. But -t
		is actually for the percentage of bad TCP checksum.

	- Changed to used 32-bit random numbers for some fields:

		For IPv4 *sic tools, the source/destination IP address and
		TCP sequence/acknowledge numbers are 32-bit width, and
		should be assigned with equal size random numbers. The old
		code did not do shifting correctly.

	- Changed the default value to 10 for all percentage options.

	- Cleaned the usage printout of icmpsic:

		There were ports used in the usage printout of icmpsic. This
		was misleading since no ports arguments needed for it.

	- New manual page, try to get more help with "man isic".