2013.10.24

[uclinux-h8/uClinux-dist.git] / freeswan / doc / src / testingtools.html

<html>
<head>
<title>FreeS/WAN survey of testing tools</title>
<!-- Changed by: Michael Richardson, 02-Jan-2002 -->
<meta name="keywords" content="Linux, IPsec, VPN, security, FreeSWAN, testing, nettools">

<!--

Written by Michael Richardson for the Linux FreeS/WAN project
Freely distributable under the GNU General Public License

More information at www.freeswan.org
Feedback to users@lists.freeswan.org

$Id: testingtools.html,v 1.1 2002/03/12 20:57:25 mcr Exp $

$Log: testingtools.html,v $
Revision 1.1  2002/03/12 20:57:25  mcr
        review of tools used for testing FreeSWAN systems.


-->
</head>

<body>

<h1>Survey of testing tools</h1>

<h2><A HREF="http://freshmeat.net/projects/apsend">http://freshmeat.net/projects/apsend</A></h2>

<P>
About: <A HREF="">APSEND</A> is a TCP/IP packet sender to test firewalls and other
network applications. It also includes a syn flood option, the land
DoS attack, a DoS attack against tcpdump running on a UNIX-based
system, a UDP-flood attack, and a ping flood option. It currently
supports the following protocols: IP, TCP, UDP, ICMP, Ethernet frames
and you can also build any other type of protocol using the generic
option. The scripting language of apsend is already written, but not
yet public.   
</P>

<P>
STATUS: The public web site seems to have died
</P>

<h2><A HREF="http://freshmeat.net/projects/hping2">http://freshmeat.net/projects/hping2</A></h2>

<P>
About: <A HREF="http://www.hping.org/">hping2</A> is a network tool
able to send custom ICMP/UDP/TCP packets and to display target replies
like ping does with ICMP replies. It handles fragmentation and
arbitrary packet body and size, and can be used to transfer files
under supported protocols. Using hping2, you can: test firewall rules,
perform [spoofed] port scanning, test net performance using different
protocols, packet size, TOS (type of service), and fragmentation, do
path MTU discovery, tranfer files (even between really Fascist
firewall rules), perform traceroute-like actions under different
protocols, fingerprint remote OSs, audit a TCP/IP stack, etc. hping2
is a good tool for learning TCP/IP.  
</P>

<P>
This utility has rather complicated usage and no man page at present. 
The documentation is supposed to be in HPING2-HOWTO, but that file
seems to be absent. 
</P>

<h2><A HREF="http://freshmeat.net/projects/icmpush">http://freshmeat.net/projects/icmpush</A></h2>

<P>
About: ICMPush is a tool that send ICMP packets fully customized from command
line. This release supports the ICMP error types Unreach, Parameter
Problem, Redirect and Source Quench and the ICMP information types
Timestamp, Address Mask Request, Information Request, Router
Solicitation, Router Advertisement and Echo Request. Also supports
ip-spoofing, broadcasting and other useful features. It's really a
powerful program for testing and debugging TCP/IP stacks and networks.
</P>

<P>
</P>

<h2><A HREF="http://freshmeat.net/projects/isic">http://freshmeat.net/projects/isic</A></h2>

<P>
ISIC sends randomly generated packets to a target computer. Its
primary uses are to stress-test an IP stack, to find leaks in a
firewall, and to test the implementation of IDSes and firewalls. The
user can specify how often the packets will be frags, have IP options,
TCP options, an urgent pointer, etc. Programs for TCP, UDP, ICMP,
IP w/ random protocols, and random ethernet frames are included.  
</P>

<h2><A HREF="http://freshmeat.net/projects/sendpacket">http://freshmeat.net/projects/sendpacket</A></h2>

<P>
Send Packet is a small but powerful program to test how your network
responds to specific packet content. Via a config file and/or command
line parameters, you can forge (modify the headers of) your own
TCP/UDP/ICMP/IP packets and send them through your network. Also,
following the Easy Sniffer modular philosophy, you can specify wich
modules you'd like to build.  
</P>

<h2><A HREF="http://freshmeat.net/projects/aicmpsend/">http://freshmeat.net/projects/aicmpsend/</A></h2>

<P>
AICMPSEND is an ICMP sender with many features including ICMP
flooding and spoofing. All ICMP flags and codes are implemented. You
can use this program for various DoS attacks, for ICMP flooding and
to test firewalls.  
</P>

<h2><A HREF="http://freshmeat.net/projects/sendip/">http://freshmeat.net/projects/sendip/</A></h2>

<P>
SendIP is a command-line tool to send arbitrary IP packets. It has a
large number of options to specify the content of every header of a
RIP, TCP, UDP, ICMP, or raw IPv4/IPv6 packet. It also allows any data
to be added to the packet. Checksums can be calculated automatically,
but if you wish to send out wrong checksums, that is supported too.  
</P>

<h2><A HREF="http://laurent.riesterer.free.fr/gasp/index.html">http://laurent.riesterer.free.fr/gasp/index.html</A></h2>

<P>
GASP stands for 'Generator and Analyzer System for Protocols'. It
allows you to decode and encode any protocols you specify.  
</P>

<P>
The main use is probably to test networks applications : you can
construct packets by hand and test the behavior of your program when
facing some strange packets. But you can image a lot of other
application : e.g. manipulating graphical file or executable
headers. Just describe the specification of the structured data.  
</P>

<P>
GASP is divided in two parts : a compiler which take the specification
of the protocols and generate the code to handle it, this code is a
new Tcl command as GASP in build upon Tcl/Tk and extends the scripting
facilities provided by Tcl. 
</P>

<h2><A HREF="http://pdump.lucidx.com/">http://pdump.lucidx.com/</A></h2>
<h2><A HREF="http://freshmeat.net/projects/aps/">http://freshmeat.net/projects/aps/</A></h2>
<h2><A HREF="http://freshmeat.net/projects/netsed/">http://freshmeat.net/projects/netsed/</A></h2>
<h2><A HREF="http://www.via.ecp.fr/~bbp/netsh/">http://www.via.ecp.fr/~bbp/netsh/</A></h2>
<h2><A HREF="http://www.elxsi.de/">http://www.elxsi.de/</A></h2>
<h2><A HREF="http://www.laurentconstantin.com/us/lcrzo/">http://www.laurentconstantin.com/us/lcrzo/</A></h2>
<h2><A HREF="http://www.joedog.org/libping/index.html">http://www.joedog.org/libping/index.html</A></h2>
<h2><A HREF="http://feynman.mme.wilkes.edu/projects/xNetTools/">http://feynman.mme.wilkes.edu/projects/xNetTools/</A></h2>
<h2><A HREF="http://freshmeat.net/projects/pktsrc/">http://freshmeat.net/projects/pktsrc/</A></h2>
<h2><A HREF="http://freshmeat.net/projects/lcrzoex/">http://freshmeat.net/projects/lcrzoex/</A></h2>
<h2><A HREF="http://freshmeat.net/projects/rain/">http://freshmeat.net/projects/rain/</A></h2>
<P>
rain is a powerful packet builder for testing the stability of
hardware and software. Its features include support for all IP
protocols and the ability to fully customize the packets it sends.  
</P>

<P>(Note, this is not the same as /usr/games/rain)</P>

<h2><A HREF="http://freshmeat.net/projects/libnet">http://freshmeat.net/projects/libnet</A></h2>
<h2><A HREF="http://freshmeat.net/projects/pftp">http://freshmeat.net/projects/pftp</A></h2>
<h2><A HREF="http://freshmeat.net/projects/pung">http://freshmeat.net/projects/pung</A></h2>

<P>
pung is a simple server tester. It tries to connect via TCP/IP to a
server but does not transfer any data. It is meant to be used in
scripts that check a list of servers, helping to detect certain common
problems.  
</P>

<h2><A HREF="http://freshmeat.net/projects/thesunpacketshell">http://freshmeat.net/projects/thesunpacketshell</A></h2>
<h2><A HREF="http://freshmeat.net/projects/webperformancetrainer">http://freshmeat.net/projects/webperformancetrainer</A></h2>
<h2><A HREF="http://sourceforge.net/projects/va-ctcs">http://sourceforge.net/projects/va-ctcs</A></h2>
<h2><A HREF="http://synscan.nss.nu/programs.php">http://synscan.nss.nu/programs.php</A></h2>
<h2><A HREF="http://sourceforge.net/projects/va-ctcs">http://sourceforge.net/projects/va-ctcs</A></h2>
<h2><A HREF="http://freshmeat.net/projects/ettercap/">http://freshmeat.net/projects/ettercap/</A></h2>
<h2><A HREF="http://www.dtek.chalmers.se/~d3august/xt/index.html">http://www.dtek.chalmers.se/~d3august/xt/index.html</A></h2>
<h2><A HREF="http://www.opersys.com/LTT/">http://www.opersys.com/LTT/</A></h2>
<h2><A HREF="http://packetstorm.securify.com/DoS/indexdate.shtml">http://packetstorm.securify.com/DoS/indexdate.shtml</A></h2>
<H2> <A HREF="http://comnet.technion.ac.il/~cn1w02/">TCP/IP noise simulator</A></H2>