August 30th, 2004 01:25 AM
Fragrouter vs firewalls
Hello again.I am trying to use Fragrouter in order to test a number of personal firewall on how they respond to fragmentation attacks(i am trying to see if any packets will go through not to perform a DoS attack on the firewalls).I am an inexperienced linux user and completely new to the tool....
After doing an ifconfig i get the following
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:20913 errors:0 dropped:0 overruns:0 frame:0
TX packets:20913 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:1427630 (1.3 Mb) TX bytes:1427630 (1.3 Mb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:XXX.XXX.XXX.XXX P-t-P:XXX.XXX.XXX.XXX Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP PROMISC MULTICAST MTU:16384 Metric:1
RX packets:1575 errors:0 dropped:0 overruns:0 frame:0
TX packets:1558 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:1170989 (1.1 Mb) TX bytes:174288 (170.2 Kb)
After that i try the following command
#fragrouter -i ppp0 -C3
and get this
sniff_init failed: ethernet address used in non-ether expression
If it makes any difference i am using USB asdl modem to connect to the internet and i am trying to test firewall on another IP which is connect with a 56K modem
Anyboody can help?
P.S I am also looking for a tool to perform blind TCP hijacking attacks on the firewalls.Any ideas?I have tryied hunt but it in order to do anything you first need to perform ARP poisoning .Since the firewalls i am testing will be on a completely seperate network what can i make use of?
P.S.2 I know that fragment will about 99,9% wont allow me to pass packets through the personal firewall in the market today but i still want to test it.