Inquiry: packet crafting tools for encapsulated protocols?

From: Pera Mis (pmis@earthlink.net)
Date: Sun Sep 14 2003 - 20:54:09 EDT

• Next message: Ben Nagy: "RE: Cracking a Netscreen password"
• Previous message: Sekurity Wizard: "RE: ICMP TYPE 3"
• In reply to: Chris Ess: "RE: Cracking a Netscreen password"
• Next in thread: Cedric Blancher: "Re: Inquiry: packet crafting tools for encapsulated protocols?"
• Reply: Cedric Blancher: "Re: Inquiry: packet crafting tools for encapsulated protocols?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,

Although this may be not the most appropriate forum/list to ask following question, I could not find any place/forum having more chances to know the answer(s) to it. If you know where to go and ask this question, please point me in the right direction.

My question is: I need a packet crafting tool that allows generation (and, if possible, detection/dissection ) of the network packets for the non-common protocols encapsulated in (TCP|UDP)/IP stack. I.e. the packets that I need to analyze and be able to tinker with them (i.e. to be able to generate packets of the various malformations in their header and body/payload parts) have following structure:

        [IP header | TCP or UDP header | YYY protocol header | YYY protocol payload]

I read somewhere some time ago (maybe 6 months ago) that there exist
such a tool that is "intelligent" enough to recalculate the header of
all lower layer protocols' header-fields upon changes in the length
of the inner-most encapsulated protocol. However, not I can not
find/reconstruct a reference to that tool.

I looked through the various tools (hping2, etherpeek, nmap), they look
like pars of what I need are there, but not all of them. I also searched
through Google and Usenet, but there is nothing similar to what I need.

The background for this is a need to be able to test a devices that are
communicating over such encapsulated protocols for the sensitivity to
various malformations of the packets. Is there any general tool for
security testing of communication protocols?

Any advice or pointer is welcome. Thanks,

Peter

---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------

• Next message: Ben Nagy: "RE: Cracking a Netscreen password"
• Previous message: Sekurity Wizard: "RE: ICMP TYPE 3"
• In reply to: Chris Ess: "RE: Cracking a Netscreen password"
• Next in thread: Cedric Blancher: "Re: Inquiry: packet crafting tools for encapsulated protocols?"
• Reply: Cedric Blancher: "Re: Inquiry: packet crafting tools for encapsulated protocols?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:40 EDT