Re: Generating Dropped Packets

From: Wolfgang Zenker (wolfgang@jpaves.de)
Date: 07/23/01 

From: Wolfgang Zenker <wolfgang@jpaves.de>
Message-Id: <200107231911.VAA23736@goldie.jpaves.de>
Subject: Re: Generating Dropped Packets
To: "Noonan, Wesley" <Wesley_Noonan@bmc.com>
Date: Mon, 23 Jul 2001 21:11:20 +0200 (CEST)

Hi,

Noonan, Wesley wrote:
> [..] I am trying to generate traffic that will be
> dropped out of hand by both switches and routers. The nature of the packet
> (fragment, giant, etc.) isn't as important to me as the ability of the
> switch/router to recognize that the packet needs to be dropped.
> Products/tools that are Windows based are preferred, though Linux and/or
> Solaris are acceptable as well [..]

a packet that would be silently dropped by a router could be an
ICMP "time exceeded" packet where the ttl count reaches 0.
By setting the start value for ttl you decide after how many hops
you want your packet to be dropped. A tool to create these would
be hping (on Unix/Linux, see http://www.kyuzz.org/antirez/hping.html).

To have your packet dropped by a switch would require some illegal
values for your media to be set, e.g. an illegal frame size on ethernet.
Don't know of a tool to create these, and i'm not sure if every network
interface would actually be able to create such a frame.

Wolfgang Zenker 

-- 
Wolfgang Zenker                                  Mail: W.Zenker@jpaves.de
JPAVES Unix Online GmbH                          Fon:  (+49) 721 / 955 40 60
Kaiserallee 87                                   Fax:  (+49) 721 / 955 40 62
D-76185 Karlsruhe                                Web:  www.jpaves.de

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Relevant Pages

  • RE: dymamic routing - visibility
    ... If that's the case then any packet ... > This list is provided by the SecurityFocus Security ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Issues with TEARDROP attacks within ISS, or possibly my mind.
    ... I can't get their TEARDROP attack to trigger. ... My understanding of TEARDROP is that it's a UDP packet ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: suffering from poor network performance...
    ... Switches are smarter and often have external management interfaces, ... they keep track of each port individually in terms of speed and duplex ... broken traffic to all listeners the way a hub does, ... regenerating packet timing and permitting much larger topologies. ...
    (freebsd-net)
  • Re: Switch, Hub and Router
    ... What is the different between Switch, Hub and Router? ... Multiport repeater that forwards a packet to all ports, ... layer-4 switches, ... Routers connect networks. ...
    (microsoft.public.win2000.networking)
  • Re: A Few Questions related to Network Administration and TrafficAnalysis
    ... These are essentially packet capture ... > connected to a hub. ... The reason being, switches don't typically repeat ... And since you are running wireless connections don't forget kismet and ...
    (Fedora)