"The Codenomicon tools are amazing. Using them is like being attacked by the most relentless adversary who uses every possible method to find flaws in your code

We fixed subtle crash bugs in Samba that had been in the code for over ten years. We would never have found those bugs without the Codenomicon tools.

If you're serious about implementing protocols correctly, you need the Codenomicon tools."

-- Jeremy Allison,
   Co Creator of Samba

---

Products by Protocol

Codenomicon IPv4 Test Tool Data Sheet

• Test tool: Codenomicon IPv4 Test Tool
• Direction: Server
• Tagline: Dependability and Reliability for the Internet

Codenomicon IPv4 Test Tool helps software developers, testers and administrators search and eliminate security-related flaws in Internet Protocol Version 4 (IPv4) implementations proactively and cost-effectively. Early elimination of bugs with security implications greatly reduces costs later on in the software lifecycle. Proactive testing improves the quality and reliability of your software and help promote customer trust.

Estimates show that up to 800-900 million people depend on IPv4 for their daily communications needs. Since the inception of the Internet, IPv4 has assumed an unprecedented importance in the global scale. IPv4 implementations are found in almost all modern computer systems. This includes routers, switches, firewalls, desktop and server systems, laptops, PDAs, cell phones and other mobile systems, as well as a large number of various embedded systems. All of these devices are vulnerable to exploitation through externally-supplied malformed protocol data. Effects of malicious data range from transient parsing errors to complete system takeovers. As IPv4 and its associated protocols (TCP, UDP, ICMP, IGMP, ARP) are in an extremely crucial role in modern society, the dependability and reliability of IPv4 implementations must be verified. IPv4 implementations are often tightly coupled with the underlying operating system, which means that serious flaws in IPv4 protocol handling may easily result in total system compromises. Codenomicon IPv4 Test Tools help prevent this by making IPv4 implementations more robust. Codenomicon IPv4 Test Tools are sold in a bundle, with separate test tools for ARP, TCP, UDP, ICMP, IGMP and core IPv4.

Used specifications

Specification	Title
RFC791	Internet Protocol - DARPA Internet Program
RFC1108	U.S. Department of Defense Security Options for the Internet Protocol
RFC1191	Path MTU Discovery
RFC1385	EIP: The Extended Internet Protocol
RFC1393	Traceroute Using an IP Option
RFC1475	TP/IX: The Next Internet
RFC1770	IPv4 Option for Sender Directed Multi-Destination Delivery
RFC2113	IP Router Alert Option

Test tool general features

• Fully automated black-box negative testing
• Ready-made test cases
• Written in Java(tm)
• GUI, command line, remote interface modes
• Instrumentation (health-check) capability
• Support and maintenance
• Comprehensive user documentation
• Results reporting and analysis

Tool-specific information

Tested IP Options	Notes	Specifications
End of Option List		RFC791
No Operation		RFC791
Security		RFC791
Loose Source Routing		RFC791
Strict Source Routing		RFC791
Record Route		RFC791
Stream-ID		RFC791
Internet Timestamp		RFC791
DoD Extended Security		RFC1108
MTU Probe		RFC1191
MTU Reply		RFC1191
Extended Internet Protocol		RFC1393
IPv7 Address Extension		RFC1475
Selective directed broadcast		RFC1770
Traceroute		RFC2113
Router Alert		RFC2113
Tested known IPv4 vulnerabilities	Description
Jolt/SSPing/1234/PoD	Inability to handle data exceeding 65535 bytes due to malicious fragment usage
Teardrop	Inability to handle short/unaligned (i.e. overlapping) fragments
Teardrop2	Modification of Teardrop attack applicable to UDP
Nestea	Inability to handle "holes" inside fragmented IP data

List of available test suites. Please note that the information in these sheets is subject to periodical change.

Test Tool Datasheet:

-- select -- XML/SOAP Server XML/SOAP Client XML Parser BFD CFM E-LMI Ethernet GARP LLDP OAM PBT/PBB-TE ARP Server ARP Client ICMP IGMP IPv4 TCP Server for IPv4 TCP Client for IPv4 UDP for IPv4 ICMPv6 IPv6 PMIPv6 Server PMIPv6 Client TCP for IPv6 Server TCP for IPv6 Client Robustness Tester for Bluetooth 802.11 WLAN AP 802.11 WLAN Client 802.11 WPA AP 802.11 WPA Client CWMP (TR-069) ACS CWMP (TR-069) CPE SIP UAS SIP UAC SIP Torture Tests TLS Server TLS Client Archives Audio BGP4 Client BGP4 Server BICC Calendar CIFS Server DHCP/BOOTP Client DHCP/BOOTP Server DHCPv6 Client DHCPv6 Server Diameter Client Diameter Server DNS Client DNS Server DVMRP EAP FCoE Client FCoE Server FIP Client FIP Server FTP Client FTP Server GRE GTPv0 GTPv1 GTPv2 H.248 Gateway (ASCII) H.248 Media Gateway Controller (ASCII) H.248 Gateway (Binary) H.248 Media Gateway Controller (Binary) H.323 HTTP Client HTTP Server IKEv2 Server Images IMAP4 Client IMAP4 Server IPsec ISAKMP/IKE Client ISAKMP/IKE Server iSCSI Target IS-IS Kerberos L2TP LACP LDAPv3 Server MGCP MIME MPLS/LDP MPEG2 Transport Stream MPEG4 NetBIOS NFS NHRP NTP OCSP Client OCSP Server OSPFv2 OSPFv3 PIMv2 SM-DM POP3 Client POP3 Server PPPoE PTP Client PTP Server RADIUS RIP RIPng RSVP RTP RTSP Client RTSP Server SCTP SigComp SMB2 Client SMB2 Server SMPP Server SMS over SMPP SMS PDU SMTP Client SMTP Server SNMPv2c SNMPv3 SNMP Trap SSH1 Server SSH2 Server STP STUN Client STUN Server SunRPC Syslog Server TACACS Server TACACS NAS Telnet Server TFTP Server Traffic Capture TURN Client TURN Server Universal Fuzzer UPnP SSDP Control Point UPnP SSDP Device UPnP GENA Server UPnP Multicast Eventing UPnP SOAP vCard Video VRRP X.509