Firewall Wizards mailing list archives

Re: Code recommendation?


From: Robert Graham <robert_david_graham () yahoo com>
Date: Mon, 28 Jun 1999 16:55:01 -0700 (PDT)

The answer depends greatly on the underlying OS and programming language. 

http://www.rootshell.com
This site has a number of exploit snippets that generate raw packets. Look for
things like bonk, syndrop, teardrop, etc. Each is a single file exploit. You
should probably be running Linux for these to compile; they assume some underlying
TCP/IP stack capabilities (many stacks don't allow RAW IP datagrams to be
constructed). [Note: rootshell doesn't allow people to directly link to
exploits on their site, which is why I don't have a direct link.]

http://www.insecure.org/nmap/
'nmap' is the best portscanning tool and OS fingerprinter. It already might
have many of the features you want, so you can probably just extend some of
them, then pass your changes onto the author. However, the code is really,
really rough/undocumented. It runs on virtually all UNIX systems, but does not
run on Windows.

There may be ways in PERL to construct such things. Basically, you need to call
the following function equivalent in whatever language you are using:
 sckt = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
Using this socket, you must then create the binary information yourself.

Again, note that Windows does not support "SOCK_RAW" unless you are doing ICMP
packets. There is no 'easy' way of doing this on Windows (e.g. you have to
create your own 'protocol' driver that links into the networking stack
alongside the TCP/IP in order to send such packets: it's actually easy -- once
you know all the details of NDIS drivers and Windows protocol drivers).

Hope this helps,
Rob.


--- Lance Spitzner <spitzner () dimension net> wrote:
Any recommendations on code that will let me build
my own packets?  Specifically TCP SYN only packets
with various flag settings.

'Stateful Inspection' is becoming a common standard
in the Firewall industry.  I want to test/verify what
types of packets are added to a stateful table and
when.

Any recommendations would be greatly appreciated.  The
simpler the code the better (so I can hack it myself :)

Thanks

Lance Spitzner
http://www.enteract.com/~lspitz/papers.html
Internetworking & Security Engineer
Dimension Enterprises Inc
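
An added example, not part of either message: a sketch of "creating the binary information yourself" for a bare IPv4 + TCP header with a chosen flag combination, as a firewall tester would before handing the bytes to the raw socket mentioned in the reply. It only builds and re-checks the bytes and sends nothing; the function names, port numbers, IP ID and RFC 5737 test addresses are assumptions chosen for illustration.

```python
import socket
import struct

# TCP flag bits (RFC 793)
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_packet(src: str, dst: str, sport: int, dport: int,
                 flags: int, seq: int = 0) -> bytes:
    """Return a 40-byte IPv4 + TCP packet with no options or payload."""
    s, d = socket.inet_aton(src), socket.inet_aton(dst)
    # TCP header: data offset 5 words, window 1024, checksum zero for now
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, flags, 1024, 0, 0)
    # TCP checksum covers a pseudo-header: src, dst, zero, protocol, length
    pseudo = s + d + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp)) + tcp[18:]
    # IPv4 header: version 4, IHL 5, constructed ID 0x1234, TTL 64
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0, 64,
                     socket.IPPROTO_TCP, 0, s, d)
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + tcp

def describe(packet: bytes) -> dict:
    """Parse a packet from build_packet and re-verify both checksums."""
    ihl = (packet[0] & 0x0F) * 4
    ip, tcp = packet[:ihl], packet[ihl:]
    pseudo = ip[12:20] + struct.pack("!BBH", 0, ip[9], len(tcp))
    names = [n for n, b in (("FIN", FIN), ("SYN", SYN), ("RST", RST),
                            ("PSH", PSH), ("ACK", ACK), ("URG", URG)) if tcp[13] & b]
    return {"flags": names, "ip_ok": checksum(ip) == 0,
            "tcp_ok": checksum(pseudo + tcp) == 0}

if __name__ == "__main__":
    # Constructed sample: RFC 5737 documentation addresses, not real hosts
    for f in (SYN, SYN | ACK, ACK):
        pkt = build_packet("192.0.2.1", "192.0.2.2", 40000, 80, f)
        print(describe(pkt), pkt.hex())
```

A checksum that verifies to zero over the header (plus pseudo-header for TCP) is what the receiving stack checks, so `describe` doubles as a sanity check that a hand-built packet will not be dropped as malformed before it ever reaches the state table under test.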


