Shu Xiao (sxiao)
2007-01-22 21:37:43 UTC
Please check it out at http://isic.sourceforge.net/
Changes:
ISIC (v0.07)
- New IPv6 utilities: isic6, tcpsic6, udpsic6, icmpsic6.
- New tool multisic for sending random multicast UDP packets.
- Fixed compilation errors with GCC v4.
- Added -k skip option for esic per the request from some users.
- Placed the flood control under low traffic limit case only.
The original flood protection code calls gettimeofday(),
and runs after sending each packet. This is time
consumping
and prevents the tool from reaching high traffic limit
on high speed interface (eg. 1000Base-TX). Now the flood
control will take effect only if the specified maximum
rate
is less than 10MB/s.
- Corrected -t option bug with tcpsic:
The old one was using it reversely, e.g. -t 30 would
generate
packet with 30% of them having correct TCP checksum. But
-t
is actually for the percentage of bad TCP checksum.
- Changed to used 32-bit random numbers for some fields:
For IPv4 *sic tools, the source/destination IP address
and
TCP sequence/acknowledge numbers are 32-bit width, and
should be assigned with equal size random numbers. The
old
code did not do shifting correctly.
- Changed the default value to 10 for all percentage options.
- Cleaned the usage printout of icmpsic:
There were ports used in the usage printout of icmpsic.
This
was misleading since no ports arguments needed for it.
- New manual page, try to get more help with "man isic".
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
Changes:
ISIC (v0.07)
- New IPv6 utilities: isic6, tcpsic6, udpsic6, icmpsic6.
- New tool multisic for sending random multicast UDP packets.
- Fixed compilation errors with GCC v4.
- Added -k skip option for esic per the request from some users.
- Placed the flood control under low traffic limit case only.
The original flood protection code calls gettimeofday(),
and runs after sending each packet. This is time
consumping
and prevents the tool from reaching high traffic limit
on high speed interface (eg. 1000Base-TX). Now the flood
control will take effect only if the specified maximum
rate
is less than 10MB/s.
- Corrected -t option bug with tcpsic:
The old one was using it reversely, e.g. -t 30 would
generate
packet with 30% of them having correct TCP checksum. But
-t
is actually for the percentage of bad TCP checksum.
- Changed to used 32-bit random numbers for some fields:
For IPv4 *sic tools, the source/destination IP address
and
TCP sequence/acknowledge numbers are 32-bit width, and
should be assigned with equal size random numbers. The
old
code did not do shifting correctly.
- Changed the default value to 10 for all percentage options.
- Cleaned the usage printout of icmpsic:
There were ports used in the usage printout of icmpsic.
This
was misleading since no ports arguments needed for it.
- New manual page, try to get more help with "man isic".
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------