./net/isic, Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2010Q3, Version: 0.07, Package name: isic-0.07, Maintainer: pkgsrc-users

ISIC (and components) is intended to test the integrity of an IP
Stack and its component stacks (TCP, UDP, ICMP et. al.) It does
this by generating a controlled random packet (controlled randomness...
wacky huh?). The user can specify he/she/it [I'm tempted to put
'it' before 'she' :-)] wants a stream of TCP packets. He/she/it
suspects that the target has weak handling of IP Options (aka
Firewall-1). So he/she/it does a 'tcpsic -s rand -d firewall
-I100'. And observes the result.

A great use for ISIC would be to fire it through a firewall and
see if the firewall leaks packets. But of course that would be
illegal because Network Associates owns a bogus patent on that :-)
You could do that by setting the default route on the sending
computer to the firewall..... But that would be illegal. (But I
can't legally have a beer so do you think I care about laws?)

By far the most common use for these tools is testing IDS systems.
A day after I took the source offline and moved it to a cvs server,
a half dozen people working on separate home-grown IDS systems
emailed requesting the source be put back up.


Master sites:

SHA1: 185de415378894ec5248c158d77395d46ce98d4a
RMD160: 1f06dddc2a120bdfed471b487cc00c7d22b59ae2
Filesize: 38.89 KB

Version history: (Expand)