TCP6 Client Data Sheet
Test Suite:
TCP6 Client
Direction:
Client

Transmission Control Protocol is the standard transport layer protocol used in IP networks. TCP over IPv6 Client Test Suite can be used for evaluating TCP/IPv6 implementations for security flaws and robustness problems in client functionalities.

Used specifications

Specification
Title
RFC793

Transmission Control Protocol

RFC862

Echo Protocol

RFC894

A Standard for the Transmission of IP Datagrams over Ethernet Networks

RFC1035

Domain Implementation and Specification

RFC1072

TCP Extensions for Long-Delay Paths

RFC1122

Requirements for Internet Hosts -- Communication Layers

RFC1146

TCP Alternate Checksum Options

RFC1323

TCP Extensions for High Performance

RFC1644

T/TCP -- TCP Extensions for Transactions Functional Specification

RFC1693

An Extension to TCP : Partial Order Service

RFC1887

An Architecture for IPv6 Unicast Address Allocation

RFC2018

TCP Selective Acknowledgment Options

RFC2104

HMAC: Keyed-Hashing for Message Authentication

RFC2375

IPv6 Multicast Address Assignments

RFC2385

Protection of BGP Sessions via the TCP MD5 Signature Option

RFC2403

The Use of HMAC-MD5-96 within ESP and AH

RFC2404

The Use of HMAC-SHA1-96 within ESP and AH

RFC2405

The ESP DES-CBC Cipher Algorithm With Explicit IV

RFC2407

The Internet IP Security Domain of Interpretation for ISAKMP

RFC2408

Internet Security Association and Key Management Protocol (ISAKMP)

RFC2409

The Internet Key Exchange (IKE)

RFC2410

The NULL Encryption Algorithm and Its Use With IPsec

RFC2451

The ESP CBC-Mode Cipher Algorithms

RFC2460

Internet Protocol, Version 6 (IPv6) Specification

RFC2462

IPv6 Stateless Address Autoconfiguration

RFC2464

Transmission of IPv6 Packets over Ethernet Networks

RFC2471

IPv6 Testing Address Allocation

RFC2473

Generic Packet Tunneling in IPv6 Specification

RFC2474

Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers

RFC2526

Reserved IPv6 Subnet Anycast Addresses

RFC2675

IPv6 Jumbogram

RFC2711

IPv6 Router Alert Option

RFC2928

Initial IPv6 Sub-TLA ID Assignments

RFC2883

An Extension to the Selective Acknowledgement (SACK) Option for TCP

RFC2988

Computing TCP's Retransmission Timer

RFC3041

Privacy Extensions for Stateless Address Autoconfiguration in IPv6

RFC3168

The Addition of Explicit Congestion Notification (ECN) to IP

RFC3178

IPv6 Multihoming Support at Site Exit Routers

RFC3306

Unicast-Prefix-based IPv6 Multicast Addresses

RFC3390

Increasing TCP's Initial Window

RFC3484

Default Address Selection for Internet Protocol version 6 (IPv6)

RFC3531

A Flexible Method for Managing the Assignment of Bits of an IPv6 Address Block

RFC3587

IPv6 Global Unicast Address Format

RFC3602

The AES-CBC Cipher Algorithm and Its Use with IPsec

RFC3697

IPv6 Flow Label Specification

RFC3769

Requirements for IPv6 prefix delegation

RFC3828

The Lightweight User Datagram Protocol (UDP-Lite)

RFC3879

Deprecating Site Local Addresses

RFC3956

Embedding the Rendezvous Point (RP) Address in an IPv6 Multicast Address

RFC4007

IPv6 Scoped Address Architecture

RFC4193

Unique Local IPv6 Unicast Addresses

RFC4294

IPv6 Node Requirements

RFC4291

IPv6 Addressing Architecture

RFC4301

Security Architecture for the Internet Protocol

RFC4302

IP Authentication Header

RFC4303

IP Encapsulating Security Payload

RFC4306

Internet Key Exchange (IKEv2) Protocol

RFC4308

Cryptographic Suites for IPsec

RFC4311

IPv6 Host-to-Router Load Sharing

RFC4443

Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification

RFC4489

A Method for Generating Link Scoped IPv6 Multicast Addresses

RFC4727

Experimental Values in IPv4, IPv6, ICMPv6, UDP and TCP Headers

RFC4782

Quick-Start for TCP and IP

RFC4835

Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)

RFC4861

Neighbor Discovery for IP Version 6 (IPv6)

RFC5482

TCP User Timeout Option

RFC5681

TCP Congestion Control

RFC5925

The TCP Authentication Option

RFC5926

Cryptographic Algorithms for the TCP Authentication Option (TCP-AO)The TCP Authentication Option

Tool-specific information

Tested message elements
Specifications
Notes
TCP header
RFC793
TCP options
RFC793 and extensions
TCP payload
RFC793
TCP segmentation
RFC793

Tested options
Specifications
Notes
End of Option List
RFC793
No-Operation
RFC793
Maximum Segment Size
RFC793
WSOPT - Window Scale
RFC1323
SACK Permitted
RFC2018
SACK
RFC2018
Echo
RFC1072
Echo Reply
RFC1072
TSOPT - Time Stamp Option
RFC1323
Partial Order Connection Permitted
RFC1693
Partial Order Service Profile
RFC1693
CC
RFC1644
CC.NEW
RFC1644
CC.ECHO
RFC1644
TCP Alternate Checksum Request
RFC1146
TCP Alternate Checksum Data
RFC1146
Skeeter
Stev_Knowles
Bubba
Stev_Knowles
Trailer Checksum Option
Subbu_Subramaniam, Monroe_Bridges
MD5 Signature Option
RFC2385
SCPS Capabilities
Keith_Scott
Selective Negative Acknowledgements
Keith_Scott
Record Boundaries
Keith_Scott
Corruption experienced
Keith_Scott
SNAP
Vladimir_Sukonnik
TCP Compression Filter
Steve_Bellovin
Quick-Start Response
RFC4782
User Timeout Option
RFC5482
TCP Authentication Option (TCP-AO)
RFC5925
Option structure tested
RFC3692-style Experiment 1
RFC4727
RFC3692-style Experiment 2
RFC4727
Unassigned option codes
Unassigned and unknown options are tested by structural anomalies

Other features

Configurable IPsec mode, keying and algorithms

Supported AH authentication algorithms and ESP integrity algorithms: NULL, HMAC_SHA1-96, HMAC_MD5-96

Supported ESP crypto algorithms: ESP-NULL, ESP-DES-CBC, ESP-DES3-CBC, ESP-AES-CBC128, ESP-AES-CBC192, ESP-AES-CBC256

Supported SafeGuard Checks

Authentication Bypass

Weak Cryptography

Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis