Import isic-0.05:

Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.)

ISIC (and components) is intended to test the integrity of an IP
Stack and its component stacks (TCP, UDP, ICMP et. al.)  It does
this by generating a controlled random packet (controlled randomness...
wacky huh?).  The user can specify he/she/it [I'm tempted to put
'it' before 'she' :-)] wants a stream of TCP packets.  He/she/it
suspects that the target has weak handling of IP Options (aka
Firewall-1).  So he/she/it does a 'tcpsic -s rand -d firewall
-I100'.  And observes the result.

A great use for ISIC would be to fire it through a firewall and
see if the firewall leaks packets.  But of course that would be
illegal because Network Associates owns a bogus patent on that :-)
You could do that by setting the default route on the sending
computer to the firewall.....  But that would be illegal.  (But I
can't legally have a beer so do you think I care about laws?)

By far the most common use for these tools is testing IDS systems.
A day after I took the source offline and moved it to a cvs server,
a half dozen people working on seperate home-grown IDS systems
emailed requesting the source be put back up.

5 files changed, 51 insertions, 0 deletions

diff --git a/net/isic/Makefile b/net/isic/Makefile
new file mode 100644
index 00000000000..60cb377d6bf
--- /dev/null
+++ b/net/isic/Makefile
@@ -0,0 +1,20 @@
+# $NetBSD: Makefile,v 1.1.1.1 2000/11/30 09:12:46 hubertf Exp $
+#
+
+DISTNAME=	isic-0.05
+CATEGORIES=	net
+MASTER_SITES=	http://expert.cc.purdue.edu/~frantzen/
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	hubertf@netbsd.org
+HOMEPAGE=	http://expert.cc.purdue.edu/~frantzen/
+
+DEPENDS+=	libnet-1.*:../../devel/libnet
+
+GNU_CONFIGURE=	YES
+CONFIGURE_ENV+=	CFLAGS="-I${LOCALBASE}/include"
+
+post-install:
+	${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/isic.README
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/net/isic/files/md5 b/net/isic/files/md5
new file mode 100644
index 00000000000..abaa274ab8d
--- /dev/null
+++ b/net/isic/files/md5
@@ -0,0 +1,3 @@
+$NetBSD: md5,v 1.1.1.1 2000/11/30 09:12:46 hubertf Exp $
+
+MD5 (isic-0.05.tgz) = da75f4ff2b78477396b0ab30fbdbb616
diff --git a/net/isic/pkg/COMMENT b/net/isic/pkg/COMMENT
new file mode 100644
index 00000000000..ab121e9aa69
--- /dev/null
+++ b/net/isic/pkg/COMMENT
@@ -0,0 +1 @@
+Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.)
diff --git a/net/isic/pkg/DESCR b/net/isic/pkg/DESCR
new file mode 100644
index 00000000000..40a06676412
--- /dev/null
+++ b/net/isic/pkg/DESCR
@@ -0,0 +1,20 @@
+ISIC (and components) is intended to test the integrity of an IP
+Stack and its component stacks (TCP, UDP, ICMP et. al.)  It does
+this by generating a controlled random packet (controlled randomness...
+wacky huh?).  The user can specify he/she/it [I'm tempted to put
+'it' before 'she' :-)] wants a stream of TCP packets.  He/she/it
+suspects that the target has weak handling of IP Options (aka
+Firewall-1).  So he/she/it does a 'tcpsic -s rand -d firewall
+-I100'.  And observes the result.
+
+A great use for ISIC would be to fire it through a firewall and
+see if the firewall leaks packets.  But of course that would be
+illegal because Network Associates owns a bogus patent on that :-)
+You could do that by setting the default route on the sending
+computer to the firewall.....  But that would be illegal.  (But I
+can't legally have a beer so do you think I care about laws?)
+
+By far the most common use for these tools is testing IDS systems.
+A day after I took the source offline and moved it to a cvs server,
+a half dozen people working on seperate home-grown IDS systems
+emailed requesting the source be put back up.
diff --git a/net/isic/pkg/PLIST b/net/isic/pkg/PLIST
new file mode 100644
index 00000000000..5d911bc6a31
--- /dev/null
+++ b/net/isic/pkg/PLIST
@@ -0,0 +1,7 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2000/11/30 09:12:46 hubertf Exp $
+bin/isic
+bin/tcpsic
+bin/udpsic
+bin/icmpsic
+bin/esic
+share/doc/isic.README