One might assume that open source operating systems, such as Linux and FreeBSD, with their presumably stable implementations of the standard suite of network protocols, would address all application needs; so there should be no requirement for a developer to create a new TCP/IP stack.
TCP stack test (or TCP Engine Test)
Yet developers often need to customize or optimize their own implementations to serve specific purposes. When that occurs, it is important to engage in thorough TCP testing to assure that all functions of the protocol continue to operate. This means testing TCP conformance, compliance, and robustness / vulnerabilities in the face of attacks.
TCP Connection Diagnostics
Some TCP test tools are limited to initiating and capturing TCP packets from one device to another for debugging TCP session connectivity issues. This is a limited task that is not TCP testing, but rather a “capture and replay” tool; Wire shark is a popular choice.
TCP Socket Testing
Many free tools exist under the “TCP socket test” category – their whole purpose is to aid application developers; they are only a little more useful than telnet clients and echo servers. They provide almost no TCP stack test value (other than “fair weather” testing.)
Network utilities establishing a TCP connection between two nodes to exchange messages is of course essential to assure basic functionality of a new implementation in both client and server roles. The network traffic exchange could be captured and manually reviewed to examine the traffic exchange between various network services, firewalls, etc. However, this is not a TCP test tool, in that there is no definition of a test, expected outcome, or source of authority. Instead it is a diagnostic or inspection tool to allow one to probe and examine the traffic stream; it requires expert TCP knowledge on the part of the user.
For manual review of such packet traffic, Wire shark is probably the best free tool for the job. However, for serious, comprehensive testing, the Maxwell Pro TCP Test Suite [https://iwl.com/protocol-testing/tcp] actually finds bugs in TCP stacks or engines by sending series of pathological conditions to the TCP client or TCP server over IPv4 or IPv6. The tests ensure a sufficiently robust TCP stack or engine that is not vulnerable to the wide range of attacks in today’s Internet. The tests make use of the Maxwell Pro network emulation environment, so that each test sequence can intelligently impair all aspects of the TCP protocol. The procedure for each test is described in plain language and references the IETF RFC requirements (source of authority) being examined. The tested device's response is compared to the set of expected outcomes so it can automatically present not just a pass/fail grade, but the reason for the pass or fail. The end result is a complete report on a TCP stack's conformance and robustness.
Good Article. Facebook | Twitter | Google+ | YouTube | Instagram | LinkedIn | Medium | Behance
ReplyDelete