Import isic-0.05:

Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.)

ISIC (and components) is intended to test the integrity of an IP
Stack and its component stacks (TCP, UDP, ICMP et. al.)  It does
this by generating a controlled random packet (controlled randomness...
wacky huh?).  The user can specify he/she/it [I'm tempted to put
'it' before 'she' :-)] wants a stream of TCP packets.  He/she/it
suspects that the target has weak handling of IP Options (aka
Firewall-1).  So he/she/it does a 'tcpsic -s rand -d firewall
-I100'.  And observes the result.

A great use for ISIC would be to fire it through a firewall and
see if the firewall leaks packets.  But of course that would be
illegal because Network Associates owns a bogus patent on that :-)
You could do that by setting the default route on the sending
computer to the firewall.....  But that would be illegal.  (But I
can't legally have a beer so do you think I care about laws?)

By far the most common use for these tools is testing IDS systems.
A day after I took the source offline and moved it to a cvs server,
a half dozen people working on seperate home-grown IDS systems
emailed requesting the source be put back up.
This commit is contained in:
hubertf 2000-11-30 09:12:46 +00:00
parent a84b5524fb
commit b38c8eb1be
5 changed files with 51 additions and 0 deletions

20
net/isic/Makefile Normal file
View file

@ -0,0 +1,20 @@
# $NetBSD: Makefile,v 1.1.1.1 2000/11/30 09:12:46 hubertf Exp $
#
DISTNAME= isic-0.05
CATEGORIES= net
MASTER_SITES= http://expert.cc.purdue.edu/~frantzen/
EXTRACT_SUFX= .tgz
MAINTAINER= hubertf@netbsd.org
HOMEPAGE= http://expert.cc.purdue.edu/~frantzen/
DEPENDS+= libnet-1.*:../../devel/libnet
GNU_CONFIGURE= YES
CONFIGURE_ENV+= CFLAGS="-I${LOCALBASE}/include"
post-install:
${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/isic.README
.include "../../mk/bsd.pkg.mk"

3
net/isic/files/md5 Normal file
View file

@ -0,0 +1,3 @@
$NetBSD: md5,v 1.1.1.1 2000/11/30 09:12:46 hubertf Exp $
MD5 (isic-0.05.tgz) = da75f4ff2b78477396b0ab30fbdbb616

1
net/isic/pkg/COMMENT Normal file
View file

@ -0,0 +1 @@
Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.)

20
net/isic/pkg/DESCR Normal file
View file

@ -0,0 +1,20 @@
ISIC (and components) is intended to test the integrity of an IP
Stack and its component stacks (TCP, UDP, ICMP et. al.) It does
this by generating a controlled random packet (controlled randomness...
wacky huh?). The user can specify he/she/it [I'm tempted to put
'it' before 'she' :-)] wants a stream of TCP packets. He/she/it
suspects that the target has weak handling of IP Options (aka
Firewall-1). So he/she/it does a 'tcpsic -s rand -d firewall
-I100'. And observes the result.
A great use for ISIC would be to fire it through a firewall and
see if the firewall leaks packets. But of course that would be
illegal because Network Associates owns a bogus patent on that :-)
You could do that by setting the default route on the sending
computer to the firewall..... But that would be illegal. (But I
can't legally have a beer so do you think I care about laws?)
By far the most common use for these tools is testing IDS systems.
A day after I took the source offline and moved it to a cvs server,
a half dozen people working on seperate home-grown IDS systems
emailed requesting the source be put back up.

7
net/isic/pkg/PLIST Normal file
View file

@ -0,0 +1,7 @@
@comment $NetBSD: PLIST,v 1.1.1.1 2000/11/30 09:12:46 hubertf Exp $
bin/isic
bin/tcpsic
bin/udpsic
bin/icmpsic
bin/esic
share/doc/isic.README