Home page logo

pen-test logo Penetration Testing mailing list archives

Re: TCP stack smashing
From: Mathew Rowley <mathew.rowley () gmail com>
Date: Sun, 18 Mar 2007 21:21:07 -0600

You may want to check out Scapy... It is a python based tool that can create any type of packet... Its extremly 
powerful but takes a while to figure out.


hope this helps

On Wed, 14 Mar 2007 16:55:11 -0400 (EDT)
"R. DuFresne" <dufresne () sysinfo com> wrote:

Hash: SHA1

On Sun, 11 Mar 2007, Nicolas RUFF wrote:

I am looking for a tool that can be used to stress the tcp implementation
on our web/application server. I remember there used to be a tool called
EvilTCP that could be integrated
into the bsd/linux kernel to emulate a bad TCP implementation. However I
cannot find it on google. Can anybody help with this or do you know of any
similar utility that I can use to make malformed TCP transactions

Not sure if this is what you are looking for, but the ISIC tools
collection (and namely TCPSIC) can flood your server with bad TCP fragments.

If I recall, having played with those years ago, if used aggessivly, and 
merely mildly aggessivly, there was not a TCP stack we could find that did 
not get hosed to a state requiring a reboot to recover from.  Those are 
not tools to be played in production envs fer sure.


Ron DuFresne
- -- 
         admin & senior security consultant:  sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
Version: GnuPG v1.4.5 (GNU/Linux)


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.


Attachment: signature.asc

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]