Date: Fri, 9 Mar 2001 08:03:58 -0800
From: Walter Goralski <walterg@juniper.net>
To: "'freebsd-hackers@freebsd.org'" <freebsd-hackers@freebsd.org>, "'freebsd-net@freebsd.org'" <freebsd-net@freebsd.org>
Subject: Generating SYN packets.
Message-ID: <C0D6C1C24CDBE1449BFEF1B72AFBF3A7057ECEFE@postal.jnpr.net>

Folks:

Andreas Klemm, who ported cflowd to FreeBSD, suggested I use this vehicle to see if I could get some help.

I am a course developer for Juniper Networks, and I have just written a 2-day advanced course on router firewall filters (this is one reason for the cflowd). We have participants in a strictly closed lab environment configuring filters to stop spoofs, smurf, fraggle, etc. In order to show they work, we also have a 4.2 FreeBSD laptop that can launch smurf, fraggle, etc. at the routers and the instructor's PC.

The missing piece has been DOS SYN attacks. I have the really common "synk4.c" source that is all over the Web, but I get errors when I try to compile it ("it's the linux includes" someone told me). Now, I last used my C programming skills in the 80s on a Silent 700 teletype and a 3B20 mini, so I tried playing around with "programming by analogy" (hey, it sometimes works). I took fraggle.c and tried to substitute a tcp header for the udp header.

Anyway, the compiler tells me there is a syntax error in tcp.h (right before the "n_long"), which strikes me as odd. Then it says I am using an "incomplete type" and dereferences all of my pointers. Sometimes I can force a compile and link, but none of my parameters get plugged into the packets when I use it.

So: anybody got a quick and dirty SYN packet generator out there? A version of synk4 that runs on 4.2? An executable?

I even tried to install hping2 from the FreeBSD ports collection, but of course *that* won't run either. (It says my ep0 interface is not defined (!) and seems to try to use lo.) If I use "make install," I get these run time errors; if I use "./configure" and then "make" I get compile errors, also about "overlapping" includes. (***Are my include files all screwed up?*** How could I tell?) But the cflowd and RADIUS servers, also installed a couple of weeks ago from these ports, run merrily along, so the basic system seems to be intact.

I don't think my programming efforts have scrammed the system (and I don't have the cd-rom, since it's a company laptop), but I am very worried that I have somehow harmed the .h files.

Meanwhile, I'm re-learning BSD socket coding. But this might be faster if anyone can help. (As a note, if anyone out there works for Juniper, I can configure remote access to the laptop if required.)

Walter Goralski
walterg@juniper.net
952-938-4483