• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

Libnet-0.99b/H07-May-2022-18,55612,666

libpcap-0.4/H07-May-2022-17,22512,908

test/H07-May-2022-10067

CHANGESH A D21-Sep-19991.8 KiB7540

CREDITSH A D21-Sep-19991.5 KiB5032

INSTALLH A D26-Jul-19992.3 KiB8254

LICENSEH A D26-Jul-19991.6 KiB3026

Makefile.inH A D03-May-20221.7 KiB7651

READMEH A D29-Jul-19992.1 KiB7149

TODOH A D26-Jul-19992.7 KiB6749

VERSIONH A D21-Sep-19994 21

attack.cH A D21-Sep-19998.7 KiB369305

attack.hH A D29-Jul-19992.2 KiB6015

config.h.inH A D26-Jul-1999719 2919

configureH A D03-May-202256 KiB1,8371,494

configure.inH A D26-Jul-1999965 4736

fragrouter.8H A D21-Sep-19995.6 KiB189174

fragrouter.cH A D21-Sep-19995 KiB189127

install-shH A D26-Jul-19994.7 KiB239152

ip_frag.cH A D26-Jul-19994.9 KiB16795

ip_frag.hH A D26-Jul-19992 KiB517

list.cH A D26-Jul-19994 KiB171109

list.hH A D26-Jul-19992.2 KiB6718

misc.cH A D21-Sep-19996.2 KiB209115

misc.hH A D26-Jul-19991.9 KiB496

mkinstalldirsH A D26-Jul-1999649 3318

print.cH A D26-Jul-19999.4 KiB376274

print.hH A D26-Jul-19992 KiB517

send.cH A D21-Sep-19993.7 KiB13578

send.hH A D21-Sep-19991.9 KiB517

sniff.cH A D30-Jul-19994.1 KiB14279

sniff.hH A D29-Jul-19991.9 KiB496

tcp_seg.cH A D26-Jul-199911.8 KiB416274

tcp_seg.hH A D26-Jul-19992.3 KiB6614

version.hH A D21-Sep-199933 21

README

1
2			      ==========
3
4			      fragrouter
5
6			      ==========
7
8What is fragrouter?
9-------------------
10
11Fragrouter is a network intrusion detection evasion toolkit. It
12implements most of the attacks described in the Secure Networks
13"Insertion, Evasion, and Denial of Service: Eluding Network Intrusion
14Detection" paper of January 1998.
15
16This program was written in the hopes that a more precise testing
17methodology might be applied to the area of network intrusion
18detection, which is still a black art at best.
19
20Conceptually, fragrouter is just a one-way fragmenting router - IP
21packets get sent from the attacker to the fragrouter, which transforms
22them into a fragmented data stream to forward to the victim.
23
24             attack                  fragmented attack
25   +-------+        +------------+                      +--------+
26   | hax0r |------->| fragrouter |- - - - - - - - - - ->| victim |
27   +-------+        +------------+           |          +--------+
28                                             V
29       	                              +------+------+
30                                      | network IDS |
31                                      +-------------+
32
33Most network IDSs fall victim to this attack-hiding technique because
34they don't bother to reconstruct a coherent view of the network data
35(via IP fragmentation and TCP stream reassembly).
36
37What systems does fragrouter support?
38-------------------------------------
39
40Fragrouter is fairly portable, relying on libpcap and libnet for
41packet capture and raw IP packet construction.
42
43Fragrouter has been successfully tested on
44
45	- OpenBSD 2.x
46	- FreeBSD 3.x
47	- BSD/OS 3.x
48	- Redhat Linux 5.x
49	- Solaris 2.x
50
51Who can use fragrouter?
52-----------------------
53
54Fragrouter is licensed under a BSD-style license, as in the included
55LICENSE file. Please read the license to make sure it's okay to use it
56in your circumstances.
57
58Contact info?
59-------------
60
61The primary fragrouter site is
62
63	http://www.anzen.com/research/nidsbench/
64
65Please send bug reports, comments, or questions about this software to
66<nidsbench@anzen.com>.
67
68
69---
70$Id: README,v 1.15 1999/07/29 15:52:32 dugsong Exp $
71