close search bar

Sorry, not available in this language yet

close language selection
TCP6 Client Data Sheet
Test Suite:
TCP6 Client
Direction:
Client

Transmission Control Protocol is the standard transport layer protocol used in IP networks. TCP over IPv6 Client Test Suite can be used for evaluating TCP/IPv6 implementations for security flaws and robustness problems in client functionalities.

Used specifications

Specification
Title
Notes
RFC793
Transmission Control Protocol
RFC862
Echo Protocol
RFC894
A Standard for the Transmission of IP Datagrams over Ethernet Networks
RFC1035
Domain Implementation and Specification
RFC1072
TCP Extensions for Long-Delay Paths
RFC1122
Requirements for Internet Hosts -- Communication Layers
RFC1146
TCP Alternate Checksum Options
RFC1323
TCP Extensions for High Performance
RFC1644
T/TCP -- TCP Extensions for Transactions Functional Specification
RFC1693
An Extension to TCP : Partial Order Service
RFC1887
An Architecture for IPv6 Unicast Address Allocation
RFC2018
TCP Selective Acknowledgment Options
RFC2104
HMAC: Keyed-Hashing for Message Authentication
RFC2375
IPv6 Multicast Address Assignments
RFC2385
Protection of BGP Sessions via the TCP MD5 Signature Option
RFC2403
The Use of HMAC-MD5-96 within ESP and AH
RFC2404
The Use of HMAC-SHA1-96 within ESP and AH
RFC2405
The ESP DES-CBC Cipher Algorithm With Explicit IV
RFC2407
The Internet IP Security Domain of Interpretation for ISAKMP
RFC2408
Internet Security Association and Key Management Protocol (ISAKMP)
RFC2409
The Internet Key Exchange (IKE)
RFC2410
The NULL Encryption Algorithm and Its Use With IPsec
RFC2451
The ESP CBC-Mode Cipher Algorithms
RFC2460
Internet Protocol, Version 6 (IPv6) Specification
Obsoletes RFC1883
RFC2462
IPv6 Stateless Address Autoconfiguration
Obsoletes RFC1971
RFC2464
Transmission of IPv6 Packets over Ethernet Networks
Obsoletes RFC1972
RFC2471
IPv6 Testing Address Allocation
Obsoletes RFC1897
RFC2473
Generic Packet Tunneling in IPv6 Specification
RFC2474
Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers
RFC2526
Reserved IPv6 Subnet Anycast Addresses
RFC2675
IPv6 Jumbogram
Obsoletes RFC2147
RFC2711
IPv6 Router Alert Option
RFC2928
Initial IPv6 Sub-TLA ID Assignments
RFC2883
An Extension to the Selective Acknowledgement (SACK) Option for TCP
RFC2988
Computing TCP's Retransmission Timer
RFC3041
Privacy Extensions for Stateless Address Autoconfiguration in IPv6
RFC3168
The Addition of Explicit Congestion Notification (ECN) to IP
RFC3178
IPv6 Multihoming Support at Site Exit Routers
RFC3306
Unicast-Prefix-based IPv6 Multicast Addresses
RFC3390
Increasing TCP's Initial Window
RFC3484
Default Address Selection for Internet Protocol version 6 (IPv6)
RFC3531
A Flexible Method for Managing the Assignment of Bits of an IPv6 Address Block
RFC3587
IPv6 Global Unicast Address Format
Obsoletes RFC2374, RFC2073
RFC3602
The AES-CBC Cipher Algorithm and Its Use with IPsec
RFC3697
IPv6 Flow Label Specification
RFC3769
Requirements for IPv6 prefix delegation
RFC3828
The Lightweight User Datagram Protocol (UDP-Lite)
RFC3879
Deprecating Site Local Addresses
RFC3956
Embedding the Rendezvous Point (RP) Address in an IPv6 Multicast Address
RFC4007
IPv6 Scoped Address Architecture
RFC4193
Unique Local IPv6 Unicast Addresses
RFC4294
IPv6 Node Requirements
RFC4291
IPv6 Addressing Architecture
Obsoletes RFC3513, RFC2373, RFC1884
RFC4301
Security Architecture for the Internet Protocol
Obsoletes RFC2401, RFC1825
RFC4302
IP Authentication Header
Obsoletes RFC2402, RFC1826
RFC4303
IP Encapsulating Security Payload
Obsoletes RFC2406, RFC1827
RFC4306
Internet Key Exchange (IKEv2) Protocol
RFC4308
Cryptographic Suites for IPsec
RFC4311
IPv6 Host-to-Router Load Sharing
RFC4443
Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification
Obsoletes RFC2463, RFC1885
RFC4489
A Method for Generating Link Scoped IPv6 Multicast Addresses
RFC4727
Experimental Values in IPv4, IPv6, ICMPv6, UDP and TCP Headers
RFC4782
Quick-Start for TCP and IP
RFC4835
Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)
Obsoletes RFC4305, RFC2402, RFC2406
RFC4861
Neighbor Discovery for IP Version 6 (IPv6)
Obsoletes RFC1970, RFC2461
RFC5482
TCP User Timeout Option
RFC5681
TCP Congestion Control
RFC5925
The TCP Authentication Option
RFC5926
Cryptographic Algorithms for the TCP Authentication Option (TCP-AO)The TCP Authentication Option

Tool-specific information

Tested message elements
Specifications
Notes
TCP header
RFC793
TCP options
RFC793 and extensions
TCP payload
RFC793
TCP segmentation
RFC793

Tested options
Specifications
Notes
End of Option List
RFC793
No-Operation
RFC793
Maximum Segment Size
RFC793
WSOPT - Window Scale
RFC1323
SACK Permitted
RFC2018
SACK
RFC2018
Echo
RFC1072
Echo Reply
RFC1072
TSOPT - Time Stamp Option
RFC1323
Partial Order Connection Permitted
RFC1693
Partial Order Service Profile
RFC1693
CC
RFC1644
CC.NEW
RFC1644
CC.ECHO
RFC1644
TCP Alternate Checksum Request
RFC1146
TCP Alternate Checksum Data
RFC1146
Skeeter
Stev_Knowles
Bubba
Stev_Knowles
Trailer Checksum Option
Subbu_Subramaniam, Monroe_Bridges
MD5 Signature Option
RFC2385
SCPS Capabilities
Keith_Scott
Selective Negative Acknowledgements
Keith_Scott
Record Boundaries
Keith_Scott
Corruption experienced
Keith_Scott
SNAP
Vladimir_Sukonnik
TCP Compression Filter
Steve_Bellovin
Quick-Start Response
RFC4782
User Timeout Option
RFC5482
TCP Authentication Option (TCP-AO)
RFC5925
Option structure tested
RFC3692-style Experiment 1
RFC4727
RFC3692-style Experiment 2
RFC4727
Unassigned option codes
Unassigned and unknown options are tested by structural anomalies

Other features

Configurable IPsec mode, keying and algorithms

Supported AH authentication algorithms and ESP integrity algorithms: NULL, HMAC_SHA1-96, HMAC_MD5-96

Supported ESP crypto algorithms: ESP-NULL, ESP-DES-CBC, ESP-DES3-CBC, ESP-AES-CBC128, ESP-AES-CBC192, ESP-AES-CBC256

Supported SafeGuard Checks

Authentication Bypass

Weak Cryptography

Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis