ISIC(1) User Manuals ISIC(1)NAME
ISIC - IP Stack Integrity Checker
SYNOPSIS
esic -i <interface> [...]
isic-s <source ip> -d <destination ip> [...]
tcpsic -s <source ip>[,port] -d <destination ip>[,port] [...]
udpsic -s <source ip>[,port] -d <destination ip>[,port] [...]
icmpsic -s <source ip> -d <destination ip> [...]
multisic -s <source ip>[,port] -d <destination ip>[,port] -i <inter‐
face> [...]
isic6 -s <source ip> -d <destination ip> [...]
tcpsic6 -s <source ip>[,port] -d <destination ip>[,port] [...]
udpsic6 -s <source ip>[,port] -d <destination ip>[,port] [...]
imcpsic6 -s <source ip> -d <destination ip> [...]
DESCRIPTION
ISIC is a suite of utilities to exercise the stability of an IP Stack
and its component stacks (TCP, UDP, ICMP et. al.) It generates piles of
pseudo random packets of the target protocol. The packets are given
tendancies to conform to. For example 50% of the packets generated can
have IP Options, and 25% of the packets can be IP fragments... But the
percentages are arbitrary and most of the packet fields have a config‐
urable tendancy.
The packets are then sent against the target machine to either pene‐
trate its firewall rules or find bugs in the IP stack. ISIC also con‐
tains an utility (esic) that generates raw Ethernet frames to examine
hardware implementations, and the "multisic" tool to check multicast
code integrity.
Starting from version 0.07, ISIC includes utilities (*sic6) to test
IPv6 protocol stack. These would of course need IPv6 enabled in the
system as a prerequisite.
GENERAL OPTIONS-c <# of packets>
For esic only, number of packets to send. It is equivlent to -p
option used by other utilities. The default is 2^32.
-d <destination MAC/IP>
Optional for esic, required for all others. For esic, this spec‐
ifies destination MAC address, and the default will be broadcast
address ff:ff:ff:ff:ff:ff. For all others, this specifies des‐
tination IP address. Use "-d rand" to send packets to random
destination MAC/IP address. For multisic, "-d rand" will make
destination IP address picked from the list [224, 225, 232, 233,
234, 235, 236, 237, 238, 239] randomly.
-i <interface>
Required by esic and multisic. This specifies the interface for
outgoing packets.
-k <num>
This specifies the number of skipped packets. This option is
useful for identifying the exact packet(s) causing the problem.
Default is 0.
-l <length>
For esic only, the maximum length of packet generated. Default
is maximum ethernet frame size 1500. Length greater than
default value will be rejected.
-m <num>
For esic, this is the number of packets between printout,
default to 1000. For all others, this specifies the maximum
speed of traffic generation, unit is kB/s
-p <num>
For esic, this specifies upper layer protocol number in the eth‐
ernet header, and default to type IP 0x0800. For all others
this is the number of packets to send, default is 2^32. Note
esic uses -c instead for this purpose.
-r <random seed>
Specify the random seed, default to current process id.
-s <source MAC/IP>
Optional for esic, required for all others. For esic, this spec‐
ifies source MAC address, and the default will be the MAC
address of given interface. For all others, this specifies
source IP address. Use "-s rand" to set source MAC/IP address to
random value.
-x <num>
Available to all but esic. Send each packet <num> times, the
default value is 1.
-v Print out the current version of ISIC test suite.
-z <source MAC>
Optional for multisic. This specifies source MAC address for
outgoing multicast packets, and the default will be the MAC
address of given interface. Use "-z rand" to set source MAC
address to random value.
-D Available to all but esic, this turns on the debugging printout.
Caution: the program will print out information of every gener‐
ated packet, the entire output will be huge.
PERCENTAGE OPTIONS
These options are defined to all but esic. All percentage options have
default value of 10.
-i Available for icmpsic and icmpsic6 only, the percentage of ICMP
packets with bad ICMP checksum.
-t Available for tcpsic and tcpsic6 only, the percentage of TCP
packets with bad TCP checksum.
-u Available for tcpsic and tcpsic6 only, the percentage of TCP
packets with urgent flag set.
-F The percentage of fragmented packets. Note for *sic6, this is
the percentage of IPv6 packets with random fragment extension
header.
-I
For *sic6, this is the percentage of IPv6 packets with random
destination option header. For isic, this specifies the percent‐
age of packets with random IP header length. For tcpsic, udpsic
and icmpsic, this is the percentage of packets with random IP
option.
-T Available for tcpsic and tcpsic6 only, the percentage of TCP
options in the TCP header.
-U Available for udpsic and udpsic6 only, the percentage of UDP
packets with bad UDP checksum.
-V Avialable for isic, tcpsic, udpsic, icmpsic and isic6, this is
the percentage of packets with bad IP version value in the
header.
EXAMPLES
esic -i eth0 -s 01:02:34:56:07:89 -p rand -m 5000
This will generate ethernet frames with random protocol number
in the ethernet header, and send out through eth0 interface. In
the frames, the source MAC address is fixed 01:02:34:56:07:89,
destination will be the default broadcast MAC address. There
will be a printout line for every 5000 frames.
isic-s rand -d 10.11.12.13 -F 50 -p 100 -k 20 -r 10
This asks isic to generate 100 IP packets with randsom source
address and fixed destination address 10.11.12.13. The random
seed is set to 10. half of packets will be fragments. When
sending out, first 20 packets will be skipped, isic will start
from the 21st packet.
tcpsic -s 1.2.3.4,69 -d 21.22.23.24 -x 2 -m 1000 -T 30 -t 50
This advises tcpsic to generate TCP packets with source address
1.2.3,4 and source TCP port 69, and destination address
21.22.23.24 and random destination TCP port. Each packet will be
sent out twice, and the overall maximum speed is 1000kB/s. Of
all the TCP packets generated, 30% of packets will have random
TCP options, and 50% will have bad TCP checksum.
multisic -s rand -d 224.0.0.5 -i eth2 -p 50000 -F 50 -z
ff:ff:ff:ff:ff:ff
This lets multisic to send 50000 UDP packets to multicast
address 224.0.0.5 with random source address and source/destina‐
tion UDP ports. The egress interface is forced to be eth2. 50%
of outgoing packets will have fragments. And the source MAC
address is set to ff:ff:ff:ff:ff:ff.
udpsic6 -s rand -d 2001:1:2:3:4::2,161 -p 1000000 -I 90 -U 20
This lets udpsic6 to send 1 million IPv6 UDP packets with random
source address and source UDP port, to destination address
2001:1:2:3:4::2 and UDP port 161 (SNMP port). 90% of outgoing
packets will have random IPv6 destination option header, and 20%
of total packets will include incorrect UDP checksum.
AUTHOR
Shu Xiao <sxiao@cisco.com>
SEE ALSO
Libnet (http://www.packetfactory.net/projects/libnet)
ISIC online (http://www.packetfactory.net/projects/ISIC) or
(http://isic.sourceforge.net)
ip6sic (http://ip6sic.sourceforge.net)
v0.07 JANUARY 2007 ISIC(1)
