Vulnerability Development mailing list archives
Re: rain
From: "Dan Kaminsky" <dankamin () cisco com>
Date: Mon, 2 Jul 2001 06:19:39 -0700
Hello. Someone recommended I post this program to you. I hope you find it interesting: http://www.tenebrous.com/rain/
This is effectively a tool for sending various types of semi-random floods towards an IP destination. It seems more suited to stack testing than DoS, though(its floods are reasonably filterable). This brings up an interesting question: Perhaps there should be a reasonable toolkit for testing network services--something like "netfuzz", that would send various patterns at different load levels heuristically seeking those patterns that might cause instabilities. *So* many daemons are released that can't handle even minor amounts of noise that this might actually be a useful general purpose tool *before* releasing code to test your daemons against. Particularly if one could compile their clients against a randomizing fuzz library(i.e. so only an individual argument on a request would be suddenly sent out of bounds). Perhaps no library would be needed at all...think, "noisy netcat" :-) Thoughts? Yours Truly, Dan Kaminsky, CISSP http://www.doxpara.com
Current thread:
- Re: rain Dan Kaminsky (Jul 02)
- Re: rain JJohnson (Jul 02)
- <Possible follow-ups>
- Re: Re: rain Michael (Jul 02)
- Re: rain Sec i386 (Jul 02)