Some random projects



Firewalling by Operating System in OpenBSD's PF

Uses subtle differences in TCP network stacks to determine the source operating system of TCP connections. By exposing the operating system of the source IP, many interesting policy decisions become enforceable. I really should get around to publishing a paper about this some day.

read more about it here


SPARC hardware stack protection

Uses the nuances of the SPARC architecture to enforce hardware protection of the stack saved return pointer under OpenBSD. Activated in OpenBSD -current in May '04 when someone braver than I hacked up GDB support.



Resulted in the paper "StackGhost: Sparc Hardware Facilitated Stack Protection" at the USENIX Security Symposium '01.


HC12-sim

A Motorola 68HC12 Microprocessor and peripheral simulator co-written with Richard Kennell (kennell@ecn.purdue.edu). GUI and Assembler written by Rick can be fetched via CVS as ide6812 and asm6812 respectively.


HC12 C Compiler

A thin C Compiler for the Motorola 68HC12 Micro. Supports a subset of the C language. It is in the pre-code-generation phase right now. Does pseudo LL parsing of most of the language, with the exception of arithmetic expressions, which are LR.
(This project is likely on permanent hold; it has gotten boring)


ISIC

IP Stack Integrity Checker

ISIC is a suite of utilities to exercise the stability of an IP stack and its component stacks (TCP, UDP, ICMP et al.). It generates piles of pseudo-random packets of the target protocol. The packets can be given tendencies to conform to. For example, 50% of the packets generated can have IP options, and 25% of the packets can be IP fragments. The percentages are arbitrary, and most of the packet fields have a configurable tendency.

The ISIC homepage has been moved to PacketFactory.

http://www.packetfactory.net/Projects/ISIC/


FMAP

Firewall MAPper

FMAP (yes, I know it sounds funny) sits behind a firewall while ISIC or another packet transmitter hurls packets at/through the firewall. Similar to filterrules, it generates a list of ports that appear to be open on the firewall. It also tabulates statistics about things that should not have gotten through the firewall, for example IP options, an ftp-data source port... It allows the firewall admin/auditor to experimentally determine the firewall rules instead of trusting the firewall to do exactly what it claims to do.

Depends on PCAP
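
The kind of tally FMAP is described as producing, as an added Python example that is not FMAP's own code: it takes raw IPv4 packets seen behind the firewall and counts destination ports reached, packets carrying IP options, and packets with the ftp-data source port (20). The function names, the `malformed` counter, and the sample packets are assumptions constructed for this illustration; a real audit would feed it packets from a capture with the link-layer header stripped.

```python
import struct
from collections import Counter

PROTO = {6: "tcp", 17: "udp"}

def build_packet(proto, sport, dport, options=b""):
    """Constructed test input: minimal IPv4 + TCP/UDP headers, checksums left zero."""
    ihl = 5 + len(options) // 4                  # header length in 32-bit words
    l4 = struct.pack("!HH", sport, dport) + b"\x00" * (16 if proto == 6 else 4)
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + len(l4),
                     0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return ip + options + l4

def tabulate(packets):
    """Tally what arrived behind the firewall from a list of raw IPv4 packets."""
    stats = {"ports": Counter(), "ip_options": 0, "ftp_data_sport": 0, "malformed": 0}
    for pkt in packets:
        if len(pkt) < 20 or pkt[0] >> 4 != 4:
            stats["malformed"] += 1              # truncated or not IPv4
            continue
        ihl = (pkt[0] & 0x0F) * 4                # header length in bytes
        if ihl < 20 or len(pkt) < ihl:
            stats["malformed"] += 1              # impossible or cut-off header
            continue
        if ihl > 20:
            stats["ip_options"] += 1             # options should rarely pass a firewall
        frag_offset = struct.unpack("!H", pkt[6:8])[0] & 0x1FFF
        proto = pkt[9]
        if proto not in PROTO or frag_offset or len(pkt) < ihl + 4:
            continue                             # no port numbers to read
        sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
        stats["ports"][(PROTO[proto], dport)] += 1
        if sport == 20:                          # ftp-data source port
            stats["ftp_data_sport"] += 1
    return stats

# Constructed sample of packets that made it through the firewall under test.
SAMPLE = [
    build_packet(6, 40000, 80),
    build_packet(6, 40001, 80),
    build_packet(6, 20, 6000),                            # ftp-data source port
    build_packet(17, 53000, 53, b"\x01\x01\x01\x00"),     # NOP, NOP, NOP, EOL options
    b"\x45\x00",                                          # truncated packet
]

if __name__ == "__main__":
    print(tabulate(SAMPLE))
```

Comparing the `ports` tally against the rule set the firewall is supposed to enforce shows where observed behaviour and configured policy disagree.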


Mfilt -- (Not yet suitable for public consumption)

A kernel-space stateful firewall. Currently builds and works under OpenBSD. Solaris port contingent on acquiring a 64-bit compiler. It was born on June 8th 2000 and blocked its first TCP packet on June 11th 2000. Update: TCP filtering is stateful and works like a champ.

This is dead and buried. Dug Song conscripted me into the OpenBSD posse to hack on dhartmei's PF packet filter.


Mongoose

A transparent application proxying firewall.

Proxies:
	ftp          -  essentially done
	pop3         -  does not yet look at inner envelope
	smtp         -  does not yet look at inner envelope
	snmp-trap    -  done
	ssh          -  done (no it doesn't do a man-in-the-middle attack)
	syslog       -  done
	tcp-plug     -  done
	tcp-skeleton -  done
	telnet       -  finishing up environment negotiation
	udp-plug     -  essentially done
	imap4        -  in progress







Copyright (c) 2002 Mike Frantzen, Chicago, IL, USA.
I am powered by vi, OpenBSD, Corona and an avid hatred for HTML.