Penetration Testing mailing list archives

Pen test of IP stack

From: axmail () gmx com
Date: Thu, 30 Aug 2007 10:10:05 +0200

Hi,

I want to test a new developed network device against vulnerabilities in the IP stack.

I found already tools like nemesis or hping2 which makes me able to generate all kind of thinkable packets. But I 
realized also that I'm facing also hundreds of possible variations in the IP header. 

Are there any tools which can already test the stack for the most common vulnerabilities such as the overlapping 
fragment attack, teardrop and other? In other words it should bombard the stack with invalid IP packets.

I also facing the same problem with DHCP and IGM.

Any help would be welcome and appreciated.

Regards,
Axel

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Pen test of IP stack axmail (Aug 30)
- RE: Pen test of IP stack J.M. Seitz (Aug 30)
- Re: Pen test of IP stack Gleb Paharenko (Aug 31)
  - Re: Pen test of IP stack Jerome Athias (Aug 31)
- Re: Pen test of IP stack Zed Qyves (Aug 31)