testing TCP stack - teardrop & co

Do you have a question? Post it now! No Registration Necessary

Translate This Thread From English to

Threaded View
Hi group

I'm in the process of testing the robustness and if needed improof my
embedded TCP/IP stack implementation. I performed already many kind of
(mostly stress) tests etc, but testing attacks is not so easy as I
first thought. It turns out that getting "malware" which I would like
to "use" to simulate all kind of attacks is (somehow fortunately) not
so easy. I managed to get a tool to generate a synflood and the stack
so far behaved as expected. However, I also would like to test it
against teardrop attacks etc. Any ideas, pointers etc. for a tool that
performs these kind of things?



Re: testing TCP stack - teardrop & co
Quoted text here. Click to load it

Check with the network security orgs like SANS.org, Foundstone.

No doubt you could find them on hacker-oriented sites (start with
defcon.org), but you *really* don't want to run anything you download
from such sites - practically guaranteed to have a little extra
"something" wrapped around the EXE that you won't want on your machine.

Please post back here with what you find.  This would be valuable info.

Curious - when you say the stack behaved as expected, you mean it failed
as expected under a SYN attack?  Or does it defend against them well?
If the latter, what mechanism did you use?  ISN cookies?

Re: testing TCP stack - teardrop & co

Quoted text here. Click to load it

Hi Richard

Thanks for the pointers - I will check them out.

With regard to syn attacks - well, the specifications do not require
the device to continue normal operation during an attack. The
specifications say that the device must "survive" the attack and
continue to operate normaly thereafter which it does now.

I intend to implement ISN cookies if the time permits but at the
moment there are other priorities.


Site Timeline