./net/isic, Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2007Q4, Version: 0.06nb1, Package name: isic-0.06nb1, Maintainer: adrianp

ISIC (and components) is intended to test the integrity of an IP
Stack and its component stacks (TCP, UDP, ICMP et. al.) It does
this by generating a controlled random packet (controlled randomness...
wacky huh?). The user can specify he/she/it [I'm tempted to put
'it' before 'she' :-)] wants a stream of TCP packets. He/she/it
suspects that the target has weak handling of IP Options (aka
Firewall-1). So he/she/it does a 'tcpsic -s rand -d firewall
-I100'. And observes the result.

A great use for ISIC would be to fire it through a firewall and
see if the firewall leaks packets. But of course that would be
illegal because Network Associates owns a bogus patent on that :-)
You could do that by setting the default route on the sending
computer to the firewall..... But that would be illegal. (But I
can't legally have a beer so do you think I care about laws?)

By far the most common use for these tools is testing IDS systems.
A day after I took the source offline and moved it to a cvs server,
a half dozen people working on separate home-grown IDS systems
emailed requesting the source be put back up.


Master sites:

SHA1: 69433d4c6f351648655991d30e5c64e958a82e6b
RMD160: 2f6a336d4a4a59f4e85b51c45bab83ff3f1390b5
Filesize: 26.964 KB

Version history: (Expand)