IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Simulating Retransmissions

From: "Mike Gibson" <micheal.gibson () gmail com>
Date: Sun, 16 Apr 2006 13:49:54 -0400
Or does anyone know of a proxy application like Achilles or Burp that
works at the TCP level so that I could just drop the ACK packets while
they were on their way out of the client machine?

On 4/13/06, Mike Gibson <micheal.gibson () gmail com> wrote:

Hi everyone,

I need to have a server application retransmit some TCP packets to my
client to test my IDS.

What I was hoping to do is use Perl or something to basically
establish the 3 way handshake and then send a request to an HTTP
server or something and then never acknowledge the content returned.
Basically it will look something like this.

Client -> SYN -> Server
Server -> SYN/ACK -> Client
Client -> ACK -> Server
Client -> GET /index.html -> Server
Server -> Contents of index.html -> Client
Server -> Contents of index.html -> Client
Server -> Contents of index.html -> Client
Server -> Contents of index.html -> Client
Repeated until the retransmission algorithm expires.

Can anyone think of any utilities that could help me with this or
point me towards the correct Perl modules.

Thanks

Mike Gibson



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: