Vulnerability Development: Re: rain

Re: rain

From: Sec i386 <gsaoutine_at_hotmail.com>
Date: Mon, 02 Jul 2001 23:17:01 -0000

You may have heard about HailStorm

http://www.clicktosecure.com

You can script "iterations" thus changing different packet attributes in an
organized manner (in the headers or in the payload). This way you can
generate some very interesting patterns/sequences. It can also generate
various (heavy!) loads, which sounds like the tool you may be looking for.
It has a simple API and can read Perl scripts (as long as you follow a
couple of basic rules). I am still learning it.

Regards,
Greg

>From: "Dan Kaminsky" <dankamin_at_cisco.com>
>To: <mystic_at_tenebrous.com>, <vuln-dev_at_securityfocus.com>
>Subject: Re: rain
>Date: Mon, 2 Jul 2001 06:19:39 -0700
>
>
> > Hello. Someone recommended I post this program to you. I hope you find it
> > interesting:
> >
> >
> > http://www.tenebrous.com/rain/
>
>This is effectively a tool for sending various types of semi-random floods
>towards an IP destination. It seems more suited to stack testing than DoS,
>though (its floods are reasonably filterable).
>
>This brings up an interesting question: Perhaps there should be a
>reasonable toolkit for testing network services--something like "netfuzz",
>that would send various patterns at different load levels heuristically
>seeking those patterns that might cause instabilities.
>
>*So* many daemons are released that can't handle even minor amounts of noise
>that this might actually be a useful general purpose tool *before* releasing
>code to test your daemons against. Particularly if one could compile their
>clients against a randomizing fuzz library (i.e. so only an individual
>argument on a request would be suddenly sent out of bounds).
>
>Perhaps no library would be needed at all...think, "noisy netcat" :-)
>
>Thoughts?
>
>Yours Truly,
>
> Dan Kaminsky, CISSP
> http://www.doxpara.com
>
>

Received on Jul 03 2001
