Vulnerability Development mailing list archives
Re: rain
From: "Sec i386" <gsaoutine () hotmail com>
Date: Mon, 02 Jul 2001 23:17:01 -0000
You may have heard about HailStorm http://www.clicktosecure.comYou can script "iterations" thus changing different packet attributes in an organized manner (in the headers or in the payload). This way you can generate some very interesting patterns/sequences. It can also generate various (heavy!) loads, which sounds like the tool you may be looking for. It has a simple API and can read Perl scripts (as long as you follow a couple of basic rules). I am still learning it.
Regards, Greg
From: "Dan Kaminsky" <dankamin () cisco com> To: <mystic () tenebrous com>, <vuln-dev () securityfocus com> Subject: Re: rain Date: Mon, 2 Jul 2001 06:19:39 -0700> Hello. Someone recommended I post this program to you. I hope you find it> interesting: > > > http://www.tenebrous.com/rain/ This is effectively a tool for sending various types of semi-random floods towards an IP destination. It seems more suited to stack testing than DoS, though(its floods are reasonably filterable). This brings up an interesting question: Perhaps there should be a reasonable toolkit for testing network services--something like "netfuzz", that would send various patterns at different load levels heuristically seeking those patterns that might cause instabilities.*So* many daemons are released that can't handle even minor amounts of noise that this might actually be a useful general purpose tool *before* releasingcode to test your daemons against. Particularly if one could compile their clients against a randomizing fuzz library(i.e. so only an individual argument on a request would be suddenly sent out of bounds). Perhaps no library would be needed at all...think, "noisy netcat" :-) Thoughts? Yours Truly, Dan Kaminsky, CISSP http://www.doxpara.com
_________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com
Current thread:
- Re: rain Dan Kaminsky (Jul 02)
- Re: rain JJohnson (Jul 02)
- <Possible follow-ups>
- Re: Re: rain Michael (Jul 02)
- Re: rain Sec i386 (Jul 02)