Date:         Tue, 22 Feb 2000 23:54:48 -0500
From: Mike Frantzen <frantzen@EXPERT.CC.PURDUE.EDU>
Subject:      Firewall and IP stack test tool
To: BUGTRAQ@SECURITYFOCUS.COM

With the re-occurrence of this unused TCP flags fiasco, I am getting off my
ass and releasing a tool to stress test IP stacks, firewall rulesets,
firewall resilience and IDS implementations.

ISIC - 0.05	(IP Stack Integrity Check)
Crafts random packets and launches them.  Can fix or randomize source/dest
IP's and Ports.  You can specify the percentage of packets to fragment,
to have IP options, to have bad IP versions....  Just about every field
can be automagically twiddled.

It contains distinct programs for TCP, UDP, ICMP, IP with a randomized
protocol field and a program for randomized raw ethernet frames.

Compiles and should work using Libnet under OpenBSD, Solaris, Linux and
FreeBSD.

http;//expert.cc.purdue.edu/~frantzen/isic-0.05.tgz
(Previous version included in OpenBSD ports tree thanks to Dug Song)

Note 1:
  A sniffer to sit behind a firewall and analyze passed packets has been
  started but is sitting on the back burner.  Needs another 3 hours coding.
Note 2:
  It melts just about anything it is targeted against.  Only a matter of
  time before someone creates an interesting distributed DoS network that
  ingress filtering won't solve.
Note to script kiddies:
  Don't bother downloading.  I don't write gui's or man pages.