1. Home
  2. Embedded Programming
  3. testing TCP stack - teardrop & co

testing TCP stack - teardrop & co

Hi group

I'm in the process of testing the robustness and if needed improof my embedded TCP/IP stack implementation. I performed already many kind of (mostly stress) tests etc, but testing attacks is not so easy as I first thought. It turns out that getting "malware" which I would like to "use" to simulate all kind of attacks is (somehow fortunately) not so easy. I managed to get a tool to generate a synflood and the stack so far behaved as expected. However, I also would like to test it against teardrop attacks etc. Any ideas, pointers etc. for a tool that performs these kind of things?

TIA

Markus

Reply to
Markus Zingg
Loading thread data ...

Check with the network security orgs like SANS.org, Foundstone.

No doubt you could find them on hacker-oriented sites (start with defcon.org), but you *really* don't want to run anything you download from such sites - practically guaranteed to have a little extra "something" wrapped around the EXE that you won't want on your machine.

Please post back here with what you find. This would be valuable info.

Curious - when you say the stack behaved as expected, you mean it failed as expected under a SYN attack? Or does it defend against them well? If the latter, what mechanism did you use? ISN cookies?

Reply to
Richard

Hi Richard

Thanks for the pointers - I will check them out.

With regard to syn attacks - well, the specifications do not require the device to continue normal operation during an attack. The specifications say that the device must "survive" the attack and continue to operate normaly thereafter which it does now.

I intend to implement ISN cookies if the time permits but at the moment there are other priorities.

Markus

Reply to
Markus Zingg

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.