Security related tools :
Other projects :
Last version : 0.7 / 04 14 2003
NetInjector (neti) is a fast and highly configurable UDP/TCP/ICMP packet generator engine. It also incorporates a simple sniffer to view responses coming from the targets. Neti can be used to simulate a variety of probing tools (ping, traceroute, tcp-ping...) as well as testing firewall rules (TCP/UDP portscan, firewalking when playing with TTL,...).
The tool can also be used as a Denial of Service test attack generator. It's posible to generate a single packet corresponding to a known flooding attack, to see if it pass through the filtering (by sniffing on the target). It's a safe way to test a firewall that is suposed to block these kind of packets (I mean fragmented, syn only, all-flag ones, ...). Of course there's a real flooding mode, dangerous but usefull to test a new install that's not yet in production.
A collection of shell-scripts is packed with the engine as exemples of use.
All types of packets have not been tested yet. So if something doesn't work let me know and I will do my best to patch it ASAP !
Possible uses :
Usage : neti [options] [dest IP] [dest port]
neti -m TCP -F S -t 5 -f TIA -p 80 -q D targetIP targetPORT
neti -C neti.conf
neti -m ICMP -c 8 -y 0 -t 5 -f TIA target IP
neti -m UDP ...
GLOBAL options : [-C config file] use a config file for parameters [-m MODE] set the protocol : UDP, TCP, ICMP, or protocol number [-h] help [-a IP] source IP adress [-i if name] output interface to use [-p port] source port [-d filename] file to read data from [-T TTL] set the IP time to live [-o offset] set the IP offset [-q TOS] set the TOS options "TOS" is a chain set from : [C] : Minimum Cost (nntp) [R] : Maximum Reliability (snmp) [T] : Maximum Throughput (data transfert) [D] : Minimum Delay (telnet) [-O] flOOd mode [-n] numeric mode, no lookup before sending SNIFFER options : [-b] blind mode, don't listen, just send [-r] try a reverse lookup before printing [-l] listen mode, don't stop sniffing [-t TIMEOUT] timeout to wait for response in seconds [-s] set the promiscuous mode [-f FILTERS] filter incoming packets "FILTERS" is a chain set from : [U] : UDP protocol [T] : TCP protocol [I] : ICMP protocol [A] : IP Address of target TCP options : [-F FLAGS] set the TCP flags and options "FLAGS" option is a chain set from : [S] the SYN flag [A] the ACK flag [P] the PUSH flag [R] the RST flag [F] the FIN flag [U] the URG flag [T] set the TCP_TIMESTAMP option [-W WINDOW] set the TCP window ICMP options : [-y ICMP type] set the ICMP type [-c ICMP code] set the ICMP code [-g ICMP redirect gateway] set the IP of the gw [-e ICMP echo ID] set the ICMP echo ID [-H] show ICMP supported types and codes
To send a TCP packet :
Command line should be :
> neti -m TCP -p 80 -F S -T 5 -t 10 -f TAI 192.168.1.100 139
Giving the result that port is opened (we get a SYN-ACK flag in response) as shown below :
> Sending <TCP>-SYN-WIN(65535)-192.168.1.200-TTL(5) -> 192.168.1.100
> Received <TCP>-[len 56]-SYN-ACK-WIN(61690)-192.168.1.100-TTL(128) -> 192.168.1.200
Neti can be downloaded HERE .
Depends on :
No dependencies except standard LINUX netinet headers and libraries
Just unpack and run "make install" in the "Net_Injector" directory
("make uninstall" to uninstall ;))
Copyright Jean-Philippe Guillemin.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Please take a look at http://www.gnu.org/copyleft/gpl.html