Re: TCP stack smashing

Hash: SHA1

On Sun, 11 Mar 2007, Nicolas RUFF wrote:

I am looking for a tool that can be used to stress the tcp implementation
on our web/application server. I remember there used to be a tool called
EvilTCP that could be integrated
into the bsd/linux kernel to emulate a bad TCP implementation. However I
cannot find it on google. Can anybody help with this or do you know of any
similar utility that I can use to make malformed TCP transactions

Not sure if this is what you are looking for, but the ISIC tools
collection (and namely TCPSIC) can flood your server with bad TCP fragments.

If I recall, having played with those years ago, if used aggessivly, and merely mildly aggessivly, there was not a TCP stack we could find that did not get hosed to a state requiring a reboot to recover from. Those are not tools to be played in production envs fer sure.


Ron DuFresne
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant:
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

-Tom Robbins <Still Life With Woodpecker>
Version: GnuPG v1.4.5 (GNU/Linux)


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.