I want to test the behaviour of a router when it receives IP packets that have been tampered with in very specific ways.
I'm curious to hear what options there are to change IP packets, preferably in a live session if that is doable. I've tried tcpreplay which can replay network traffic from a pcap file, and it is close to what I want, since I can edit the pcap file before I replay it. But can I do this on the fly? I've heard of tools like scapy, bittwist, and netsed but haven't played around with these yet.
Specifically I'm interested in ESP packets (IP protocol 50) and want to be able to modify IP headers as well as payload.
What would be the best approach?
No comments:
Post a Comment