fragroute
Test a NIDS by attempting to evade using fragmented packets
Install
- All systems
-
curl cmd.cat/fragroute.sh
- Kali Linux
-
apt-get install fragroute
- OS X
-
brew install fragroute
- Dockerfile
- dockerfile.run/fragroute
fragroute
Test a NIDS by attempting to evade using fragmented packets
fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behaviour. This tool was written in good faith to aid in the testing of network intrusion detection systems, firewalls, and basic TCP/IP stack behaviour. Please do not abuse this software.