Import initial strongswan 2.7.0 version into SVN.

1 files changed, 188 insertions, 0 deletions

diff --git a/doc/src/testingtools.html b/doc/src/testingtools.html
new file mode 100644
index 000000000..491b1956c
--- /dev/null
+++ b/doc/src/testingtools.html
@@ -0,0 +1,188 @@
+<html>
+<head>
+<title>FreeS/WAN survey of testing tools</title>
+<!-- Changed by: Michael Richardson, 02-Jan-2002 -->
+<meta name="keywords" content="Linux, IPsec, VPN, security, FreeSWAN, testing, nettools">
+
+<!--
+
+Written by Michael Richardson for the Linux FreeS/WAN project
+Freely distributable under the GNU General Public License
+
+More information at www.freeswan.org
+Feedback to users@lists.freeswan.org
+
+$Id: testingtools.html,v 1.1 2004/03/15 20:35:24 as Exp $
+
+$Log: testingtools.html,v $
+Revision 1.1  2004/03/15 20:35:24  as
+added files from freeswan-2.04-x509-1.5.3
+
+Revision 1.1  2002/03/12 20:57:25  mcr
+	review of tools used for testing FreeSWAN systems.
+
+
+-->
+</head>
+
+<body>
+
+<h1>Survey of testing tools</h1>
+
+<h2><A HREF="http://freshmeat.net/projects/apsend">http://freshmeat.net/projects/apsend</A></h2>
+
+<P>
+About: <A HREF="">APSEND</A> is a TCP/IP packet sender to test firewalls and other
+network applications. It also includes a syn flood option, the land
+DoS attack, a DoS attack against tcpdump running on a UNIX-based
+system, a UDP-flood attack, and a ping flood option. It currently
+supports the following protocols: IP, TCP, UDP, ICMP, Ethernet frames
+and you can also build any other type of protocol using the generic
+option. The scripting language of apsend is already written, but not
+yet public.   
+</P>
+
+<P>
+STATUS: The public web site seems to have died
+</P>
+
+<h2><A HREF="http://freshmeat.net/projects/hping2">http://freshmeat.net/projects/hping2</A></h2>
+
+<P>
+About: <A HREF="http://www.hping.org/">hping2</A> is a network tool
+able to send custom ICMP/UDP/TCP packets and to display target replies
+like ping does with ICMP replies. It handles fragmentation and
+arbitrary packet body and size, and can be used to transfer files
+under supported protocols. Using hping2, you can: test firewall rules,
+perform [spoofed] port scanning, test net performance using different
+protocols, packet size, TOS (type of service), and fragmentation, do
+path MTU discovery, tranfer files (even between really Fascist
+firewall rules), perform traceroute-like actions under different
+protocols, fingerprint remote OSs, audit a TCP/IP stack, etc. hping2
+is a good tool for learning TCP/IP.  
+</P>
+
+<P>
+This utility has rather complicated usage and no man page at present. 
+The documentation is supposed to be in HPING2-HOWTO, but that file
+seems to be absent. 
+</P>
+
+<h2><A HREF="http://freshmeat.net/projects/icmpush">http://freshmeat.net/projects/icmpush</A></h2>
+
+<P>
+About: ICMPush is a tool that send ICMP packets fully customized from command
+line. This release supports the ICMP error types Unreach, Parameter
+Problem, Redirect and Source Quench and the ICMP information types
+Timestamp, Address Mask Request, Information Request, Router
+Solicitation, Router Advertisement and Echo Request. Also supports
+ip-spoofing, broadcasting and other useful features. It's really a
+powerful program for testing and debugging TCP/IP stacks and networks.
+</P>
+
+<P>
+</P>
+
+<h2><A HREF="http://freshmeat.net/projects/isic">http://freshmeat.net/projects/isic</A></h2>
+
+<P>
+ISIC sends randomly generated packets to a target computer. Its
+primary uses are to stress-test an IP stack, to find leaks in a
+firewall, and to test the implementation of IDSes and firewalls. The
+user can specify how often the packets will be frags, have IP options,
+TCP options, an urgent pointer, etc. Programs for TCP, UDP, ICMP,
+IP w/ random protocols, and random ethernet frames are included.  
+</P>
+
+<h2><A HREF="http://freshmeat.net/projects/sendpacket">http://freshmeat.net/projects/sendpacket</A></h2>
+
+<P>
+Send Packet is a small but powerful program to test how your network
+responds to specific packet content. Via a config file and/or command
+line parameters, you can forge (modify the headers of) your own
+TCP/UDP/ICMP/IP packets and send them through your network. Also,
+following the Easy Sniffer modular philosophy, you can specify wich
+modules you'd like to build.  
+</P>
+
+<h2><A HREF="http://freshmeat.net/projects/aicmpsend/">http://freshmeat.net/projects/aicmpsend/</A></h2>
+
+<P>
+AICMPSEND is an ICMP sender with many features including ICMP
+flooding and spoofing. All ICMP flags and codes are implemented. You
+can use this program for various DoS attacks, for ICMP flooding and
+to test firewalls.  
+</P>
+
+<h2><A HREF="http://freshmeat.net/projects/sendip/">http://freshmeat.net/projects/sendip/</A></h2>
+
+<P>
+SendIP is a command-line tool to send arbitrary IP packets. It has a
+large number of options to specify the content of every header of a
+RIP, TCP, UDP, ICMP, or raw IPv4/IPv6 packet. It also allows any data
+to be added to the packet. Checksums can be calculated automatically,
+but if you wish to send out wrong checksums, that is supported too.  
+</P>
+
+<h2><A HREF="http://laurent.riesterer.free.fr/gasp/index.html">http://laurent.riesterer.free.fr/gasp/index.html</A></h2>
+
+<P>
+GASP stands for 'Generator and Analyzer System for Protocols'. It
+allows you to decode and encode any protocols you specify.  
+</P>
+
+<P>
+The main use is probably to test networks applications : you can
+construct packets by hand and test the behavior of your program when
+facing some strange packets. But you can image a lot of other
+application : e.g. manipulating graphical file or executable
+headers. Just describe the specification of the structured data.  
+</P>
+
+<P>
+GASP is divided in two parts : a compiler which take the specification
+of the protocols and generate the code to handle it, this code is a
+new Tcl command as GASP in build upon Tcl/Tk and extends the scripting
+facilities provided by Tcl. 
+</P>
+
+<h2><A HREF="http://pdump.lucidx.com/">http://pdump.lucidx.com/</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/aps/">http://freshmeat.net/projects/aps/</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/netsed/">http://freshmeat.net/projects/netsed/</A></h2>
+<h2><A HREF="http://www.via.ecp.fr/~bbp/netsh/">http://www.via.ecp.fr/~bbp/netsh/</A></h2>
+<h2><A HREF="http://www.elxsi.de/">http://www.elxsi.de/</A></h2>
+<h2><A HREF="http://www.laurentconstantin.com/us/lcrzo/">http://www.laurentconstantin.com/us/lcrzo/</A></h2>
+<h2><A HREF="http://www.joedog.org/libping/index.html">http://www.joedog.org/libping/index.html</A></h2>
+<h2><A HREF="http://feynman.mme.wilkes.edu/projects/xNetTools/">http://feynman.mme.wilkes.edu/projects/xNetTools/</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/pktsrc/">http://freshmeat.net/projects/pktsrc/</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/lcrzoex/">http://freshmeat.net/projects/lcrzoex/</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/rain/">http://freshmeat.net/projects/rain/</A></h2>
+<P>
+rain is a powerful packet builder for testing the stability of
+hardware and software. Its features include support for all IP
+protocols and the ability to fully customize the packets it sends.  
+</P>
+
+<P>(Note, this is not the same as /usr/games/rain)</P>
+
+<h2><A HREF="http://freshmeat.net/projects/libnet">http://freshmeat.net/projects/libnet</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/pftp">http://freshmeat.net/projects/pftp</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/pung">http://freshmeat.net/projects/pung</A></h2>
+
+<P>
+pung is a simple server tester. It tries to connect via TCP/IP to a
+server but does not transfer any data. It is meant to be used in
+scripts that check a list of servers, helping to detect certain common
+problems.  
+</P>
+
+<h2><A HREF="http://freshmeat.net/projects/thesunpacketshell">http://freshmeat.net/projects/thesunpacketshell</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/webperformancetrainer">http://freshmeat.net/projects/webperformancetrainer</A></h2>
+<h2><A HREF="http://sourceforge.net/projects/va-ctcs">http://sourceforge.net/projects/va-ctcs</A></h2>
+<h2><A HREF="http://synscan.nss.nu/programs.php">http://synscan.nss.nu/programs.php</A></h2>
+<h2><A HREF="http://sourceforge.net/projects/va-ctcs">http://sourceforge.net/projects/va-ctcs</A></h2>
+<h2><A HREF="http://freshmeat.net/projects/ettercap/">http://freshmeat.net/projects/ettercap/</A></h2>
+<h2><A HREF="http://www.dtek.chalmers.se/~d3august/xt/index.html">http://www.dtek.chalmers.se/~d3august/xt/index.html</A></h2>
+<h2><A HREF="http://www.opersys.com/LTT/">http://www.opersys.com/LTT/</A></h2>
+<h2><A HREF="http://packetstorm.securify.com/DoS/indexdate.shtml">http://packetstorm.securify.com/DoS/indexdate.shtml</A></h2>
+<H2> <A HREF="http://comnet.technion.ac.il/~cn1w02/">TCP/IP noise simulator</A></H2>