Date: Mon, 24 Jan 2000 11:25:32 -0800 From: Douglas Davidson <ddavidso@apple.com> To: "Brett Glass" <brett@lariat.org> Cc: security@freebsd.org Subject: Re: stream.c as "monkey" Message-ID: <200001241925.LAA00486@scv3.apple.com>
next in thread | raw e-mail | index | archive | help
>In a way, stream.c functions as a TCP "monkey," >sending packets with insane addresses and port >numbers. (It doesn't exercise the TCP option flags, >but it could be made to do so.) Maybe this program >should be regarded as a way to beat the stuffing >out of the stack and avoid problems with long code >paths, memory allocation problems, and/or future >DoS attacks. It surely wouldn't make a bad networking >regression test. Also along these lines is "fuzz", by Barton Miller et al., which could (and probably still can) crash an alarmingly large number of command-line tools etc. by feeding them random input (CACM 33, 12 (Dec. 1990); also a followup paper in '95). It seems natural that there should be such a thing for network protocol stacks--perhaps it already exists somewhere. If I get a free moment I would be interested in producing such a thing, and perhaps others would be too. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001241925.LAA00486>