Topics of Interest
- Application Protocol Fuzzing
- Cloud Computing and Virtualization
- Custom Applications and Attacks
- Cyber Warfare
- Data Center Planning and Consolidation
- DDoS and Botnet Simulation
- Deep Packet Inspection
- IPTV
- IPv4/IPv6
- Layer 2-7
- Network Traffic Generation
- Performance Testing
- Security Updates
- Server Load Testing
- VoIP
- 10/40/100 GigE
Devices
Fuzzing the Routing Information Protocol (RIP)
As of the time of this writing, BreakingPoint has implemented 115 unique fuzzer strikes for 13 different protocols, most recently we added support for RIP and OSPF and a fuzzer for BGP will be coming soon. Since BreakingPoint's fuzzers are implemented as security strikes, our users are free to create any number of combinations of individual fuzzer test cases by building a custom strike-set in the Attack Manager. You can also globally tweak certain protocol parameters such as IP fragmentation or enabling several IPS evasion profiles.
Additionally, because we are talking about BreakingPoint testing tools, you can do all of your fuzzing while concurrently sending 10+ gigabits of realistic application traffic.
RIP Background
One of the best features of the modern Internet its amazing level of interconnectedness and fault tolerance. The Internet is able to repair itself as needed because of its fundamental design. As old routers fail or new ones are added, information about those routers is automatically spread around to facilitate the optimization of its resources. The Routing Information Protocol (RIP) is the oldest and simplest of routing protocols still in use today. Its current incarnation (RIP Version 2) is defined by RFC2453, adding several improvements like support for CIDR and authentication. RIP was originally implemented as the “routed” daemon for BSD Unix. Although newer protocols have largely obsoleted RIP, it is still in use today.
RIP takes a very simplistic approach to disseminating routing information based on the Bellman-Ford algorithm for finding shortest paths. This is a distance vector algorithm, meaning the hop count between routers is used to weight which route the protocol sees as optimal. Due to constraints and limitations of the protocol itself, modern RIP only gets limited use as an Interior Gateway Protocol on smaller internal networks.
Getting started
BreakingPoint users can easily set up a custom fuzzer within the BreakingPoint Control Center and create a new Attack Series containing the fuzzer strike-sets that you want to use. You can then create a new test with a security component that uses your new attack series. It is a pretty quick and intuitive process using the same general process you would use to run any of the BreakingPoint fuzzers:
- Figure 1: The Attack Manager screen
After logging on, go to the Attack Manager screen by selecting that option from the “Managers” drop down menu on the top of the screen.
- Figure 2: Creating a new Attack Series
With the Attack Manager screen open, find the panel (in the left middle) labeled “Attack Series” and click the red plus sign button. This creates an empty list of strikes that you will fill with fuzzer strikes and link to a new test later on.
Now you'll need to populate your new attack series with some strikes. To do this locate the panel labeled “Strikes and Strikesets” on the right of the Attack Manager. Click the red plus sign to search for strikes to add.
- Figure 3: Adding the RIP strike set
- Figure 4: Creating the test
- Figure 5: Running the test
From this point everything works just like any normal test. Click “Save and Run” to start it up. Be sure to monitor your test device for any errors that the fuzzers might induce.
Finally, if you get tired of seeing “test failed” every time you run because your device passes some of the fuzzer traffic, you can go to the “Define Test Criteria” menu from the test screen and click “Disable all default criteria” so that your test will always list as passed.
Tags: