Nmap Development mailing list archives
Re: Simple script: random (garbage) fuzzer
From: Jon Kibler <Jon.Kibler () aset com>
Date: Sat, 07 Nov 2009 13:06:36 -0500
Fyodor wrote:
> On Fri, Nov 06, 2009 at 10:13:46AM -0500, Ron wrote:
>> Hey,
>>
>> Somebody requested a NSE script to fuzz with random garbage on all ports. It isn't *terribly* useful, but it could be a good way to exhaust bandwidth/test for really bad services.
>
> Nice. Did they request it on a public forum somewhere that you can link to? It would be interesting to know more about the use case they have in mind.
Re: Use case for this script?

I have not had a chance to look at this NSE script. However, random garbage generators are a VERY useful testing tool, especially against embedded systems (printers, VoIP phones, environmental sensors, etc.) and real-time systems (SCADA, PLCs, DCS, security, HVAC, etc.). They very rapidly identify brittle IP stacks and how well systems handle unexpected traffic.

I regularly use custom protocol fuzzers, and such tools as ISIC, SING, nemesis, fragrouter, etc., to generate random packets to test the stability of systems to unexpected traffic. All serve a very useful purpose when testing embedded or real-time systems, which tend to be less network-stable than are traditional computers.

That said, nmap itself can be a dangerous tool against embedded systems. When doing a vulnerability assessment or pen test, one of the stipulations in my contract is that the customer must identify every non-traditional computer on their network (including printers), unless they specifically want them included in the test. If they want them included, they must agree to assume all liability for damages that may result from these systems being tested.

I have had a simple nmap scan of a network cause security systems to crash and burn (actually have to replace boards!) to the point that they lock people in rooms, and the maglocks had to be drilled off the doors to get the people out of the room. I have had nmap cause HVAC systems to either shut down, or turn on full heat or A/C, because the scan blew the control board. I have also had nmap crash other "stuff" that I cannot talk about.

The ability of a system or device to handle random garbage on the network is a critical part of any security testing. I would think this script may be able to serve in that capacity. I will have to take a look at it when I get a chance.

Jon Kibler
--
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-813-2924
s: 843-564-4224
s: JonRKibler
e: Jon.Kibler () aset com
e: Jon.R.Kibler () gmail com
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253