Penetration Testing mailing list archives
Re: Pen test of IP stack
From: "Zed Qyves" <zqyves.spamtrap () gmail com>
Date: Fri, 31 Aug 2007 09:40:25 +0300
hello, I would also give scapy (last time I checked it was at http://www.secdev.org/projects/scapy/) a try. It is python and you can easily script it to run through all the different options ZQ On 8/30/07, axmail () gmx com <axmail () gmx com> wrote:
Hi, I want to test a new developed network device against vulnerabilities in the IP stack. I found already tools like nemesis or hping2 which makes me able to generate all kind of thinkable packets. But I realized also that I'm facing also hundreds of possible variations in the IP header. Are there any tools which can already test the stack for the most common vulnerabilities such as the overlapping fragment attack, teardrop and other? In other words it should bombard the stack with invalid IP packets. I also facing the same problem with DHCP and IGM. Any help would be welcome and appreciated. Regards, Axel ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
-- --------------------------------------------------------------------- Κρέων ἐν τῇδ᾽ ἔφασκε γῇ· τὸ δὲ ζητούμενον ἁλωτόν, ἐκφεύγειν δὲ τἀμελούμενον. Οιδίπους Τύρρανος [110] --------------------------------------------------------------------- Creon In this our land, so said he, those who seek Shall find; unsought, we lose it utterly. Oedipus Rex [110] ---------------------------------------------------------------------
Current thread:
- Pen test of IP stack axmail (Aug 30)
- RE: Pen test of IP stack J.M. Seitz (Aug 30)
- Re: Pen test of IP stack Gleb Paharenko (Aug 31)
- Re: Pen test of IP stack Jerome Athias (Aug 31)
- Re: Pen test of IP stack Zed Qyves (Aug 31)