Simulate TCP connections to verify propper TCP behaviour ?

Simulate TCP connections to verify propper TCP behaviour ?

Post by Markus Zin » Fri, 09 Sep 2005 19:06:19


Hi Group

Given I would like to simulate IP fragmentation in a local lan between
two nodes or simulate out of order TCP segments and probably also the
most common kind of TCP abuses (tear drop attacks, syn floods and the
like) this in order to verify / test TCP implementations - any idea on
how to do these kind of things?

Is there software around which simulates "valid" popular protocol
sessions (i.e. HTTP) but "modify" the data acordingly?

TIA

Markus
 
 
 

Simulate TCP connections to verify propper TCP behaviour ?

Post by googlegrou » Sat, 10 Sep 2005 05:06:18


Markus,

The situations you're describing don't require you to "simulate valid
popular protocols" at all. You can accomplish your objective by
*actually*running* those protocols, then abuse the endpoint in the
process.

For example, acutally surf the web, while performing a syn flood attack
on the machine. No need to simulate, just use your browser of choice
to load some web pages!

Some of the tests you describe (out of order segments / ip
fragmentation) will require you to put a broken network in between the
TCP endpoints. There's a great (and free) broken network called
NistNet: http://www.yqcomputer.com/

It will allow you to drop or delay packets at will.

For fragmentation, I imagine you'll have to fiddle with the NistNet
router's MTU.

In any event, you're looking to abuse traffic, but there doesn't seem
to be a need for a traffic simulator.

/chris