Provided by: fragroute_1.2-7_i386 bug

NAME

       fragroute - intercept, modify, and rewrite egress traffic

SYNOPSIS

       fragroute [-f file] host

DESCRIPTION

       fragroute  intercepts,  modifies,  and rewrites egress traffic destined
       for the specified host, implementing most of the attacks  described  in
       the  Secure  Networks  ‘‘Insertion,  Evasion,  and  Denial  of Service:
       Eluding Network Intrusion Detection’’ paper of January 1998.

       The options are as follows:

       -f file
              Read   ruleset   from   the   specified    file    instead    of
              /etc/fragroute.conf.

       Unlike  fragrouter(8),  this  program  only affects packets originating
       from the local machine destined for a remote host.  Do  not  enable  IP
       forwarding on the local machine.

RULESET

       fragroute   is   composed  of  several  modules  which  enable  various
       configuration directives. Each directive operates on a  logical  packet
       queue handed to it by the previous rule.

       # string ...
              Ruleset comment, no-op.

       delay first|last|random ms
              Delay  the  delivery  of the first, last, or a randomly selected
              packet from the queue by ms milliseconds.

       drop first|last|random prob-%
              Drop the first, last, or a randomly  selected  packet  from  the
              queue with a probability of prob-% percent.

       dup first|last|random prob-%
              Duplicate  the  first,  last, or a randomly selected packet from
              the queue with a probability of prob-% percent.

       echo string ...
              Echo the string argument(s) to standard output.

       ip_chaff dup|opt|ttl
              Interleave IP packets in the queue  with  duplicate  IP  packets
              containing   different  payloads,  either  scheduled  for  later
              delivery, carrying invalid IP options, or bearing short time-to-
              live values.

       ip_frag size [old|new]
              Fragment  each  packet in the queue into size-byte IP fragments,
              preserving the complete transport header in the first  fragment.
              Optional  fragment  overlap  may  be specified as old or new, to
              favor newer or older data.

       ip_opt lsrr|ssrr ptr ip-addr ...
              Add IP options to every packet, to enable loose or strict source
              routing.  The route should be specified as list of IP addresses,
              and a bytewise pointer into them (e.g. the minimum ptr value  is
              4).

       ip_ttl ttl
              Set the IP time-to-live value of every packet to ttl.

       ip_tos tos
              Set the IP type-of-service bits for every packet to tos.

       order random|reverse
              Re-order the packets in the queue randomly, or in reverse.

       print  Print each packet in the queue in tcpdump-style format.

       tcp_chaff cksum|null|paws|rexmit|seq|syn|ttl
              Interleave TCP segments in the queue with duplicate TCP segments
              containing  different  payloads,  either  bearing  invalid   TCP
              checksums,  null  TCP control flags, older TCP timestamp options
              for PAWS elimination,  faked  retransmits  scheduled  for  later
              delivery,   out-of-window  sequence  numbers,  requests  to  re-
              synchronize sequence numbers mid-stream, or  short  time-to-live
              values.

       tcp_opt mss|wscale size
              Add  TCP options to every TCP packet, to set the maximum segment
              size or window scaling factor.

       tcp_seg size [old|new]
              Segment each TCP data segment in the queue  into  size-byte  TCP
              segments.  Optional  segment  overlap may be specified as old or
              new, to favor newer or older data.

EXAMPLES

       Fragment all traffic to a Windows host into forward-overlapping  8-byte
       fragments  (favoring  older  data),  reorder  randomly,  and  print  to
       standard output:

            ip_frag 8 old
            order random
            print

       Segment all TCP data to a host into forward-overlapping 4-byte segments
       (favoring  newer  data),  interleave  with  overwriting,  random  chaff
       segments bearing older timestamp options for PAWS elimination,  reorder
       randomly, and print to standard output:

            tcp_seg 4 new
            tcp_chaff paws
            order random
            print

FILES

       /etc/fragroute.conf
              Default configuration ruleset

SEE ALSO

       fragtest(8)

AUTHOR

       Dug Song <dugsong@monkey.org>

BUGS

       It  is  entirely possible to mangle your outgoing traffic so badly that
       no remote TCP/IP stack will accept it. K.I.S.S.

                                                                  FRAGROUTE(8)