


NEMESIS-UDP(1)					   NEMESIS-UDP(1)


NAME
       nemesis-udp - UDP Protocol (The Nemesis Project)

SYNOPSIS
       nemesis-udp  [-vZ?] [-d Ethernet-device ] [-D destination-
       IP-address ] [-F fragmentation-options ]	 [-H  source-MAC-
       address	]  [-I	IP-ID ] [-M destination-MAC-address ] [-O
       IP-options-file ] [-P payload-file ] [-S source-IP-address
       ] [-t IP-TOS ] [-T IP-TTL ] [-x source-port ] [-y destina-
       tion-port ]

DESCRIPTION
       The Nemesis Project is designed	to  be	a  command  line-
       based,  portable	 human IP stack for UNIX-like and Windows
       systems.	 The suite is broken down by protocol, and should
       allow for useful scripting of injected packets from simple
       shell scripts.

       nemesis-udp provides an interface to craft and inject  UDP
       packets	allowing the user to specify any portion of a UDP
       packet as well as lower-level IP packet information.

UDP Options
       -P payload-file
	      This will case nemesis-udp  to  use  the	specified
	      payload-file  as	the  payload  when  injecting UDP
	      packets.	For packets injected using the raw inter-
	      face  (where  -d	is not used), the maximum payload
	      size is 65467 bytes.  For	 packets  injected  using
	      the  link	 layer	interface (where -d IS used), the
	      maximum payload size is 1432 bytes.   Payloads  can
	      also  be	read  from  stdin  by  specifying  '-P -'
	      instead of a payload file.

	      Windows systems are limited to  a	 maximum  payload
	      size of 1432 bytes for UDP packets.

       -v verbose-mode
	      Display the injected packet in human readable form.
	      Use twice to see a hexdump of the injected  packet.

       -x source-port
	      Specify the source-port within the UDP header.

       -y destination-port
	      Specify the destination-port within the UDP header.

IP OPTIONS
       -D destination-IP-address
	      Specify the destination-IP-address  within  the  IP
	      header.

       -F fragmentation-options (-F[D],[M],[R],[offset])
	      Specify the fragmentation options:



			   16 May 2003				1





NEMESIS-UDP(1)					   NEMESIS-UDP(1)


	      -FD (don't fragment)
	      -FM (more fragments)
	      -FR (reserved flag)
	      -F <offset>

	      within the IP header.  IP fragmentation options can
	      be specified individually or combined into a single
	      argument	to the -F command line switch by separat-
	      ing the options with commas (eg. '-FD,M') or spaces
	      (eg.  '-FM 223').	 The IP fragmentation offset is a
	      13-bit field with valid  values  from  0	to  8189.
	      Don't  fragment  (DF),  more fragments (MF) and the
	      reserved flag (RESERVED or RB) are 1-bit fields.

	      NOTE: Under normal conditions, the reserved flag is
	      unset.

       -I IP-ID
	      Specify the IP-ID within the IP header.

       -O IP-options-file
	      This  will  cause	 nemesis-dns to use the specified
	      IP-options-file as the options when building the IP
	      header  for the injected packet.	IP options can be
	      up to 40 bytes in length.	 The IP options file must
	      be created manually based upon the desired options.
	      IP options can also be read from stdin by	 specify-
	      ing '-O -' instead of an IP-options-file.

       -S source-IP-address
	      Specify the source-IP-address within the IP header.

       -t IP-TOS
	      Specify the IP-type-of-service (TOS) within the  IP
	      header.  Valid type of service values:

	      2	 (Minimize monetary cost)
	      4	 (Maximize reliability)
	      8	 (Maximize throughput)
	      24 (Minimize delay)

	      NOTE:  Under  normal  conditions,	 only one type of
	      service is set within a packet.  To specify  multi-
	      ple types, specify the sum of the desired values as
	      the type of service.

       -T IP-TTL
	      Specify the IP-time-to-live  (TTL)  within  the  IP
	      header.

DATA LINK OPTIONS
       -d Ethernet-device
	      Specify  the  name  (for	UNIX-like systems) or the
	      number (for Windows systems) of the Ethernet-device



			   16 May 2003				2





NEMESIS-UDP(1)					   NEMESIS-UDP(1)


	      to use (eg. fxp0, eth0, hme0, 1).

       -H source-MAC-address
	      Specify the source-MAC-address (XX:XX:XX:XX:XX:XX).

       -M destination-MAC-address
	      Specify	      the	   defination-MAC-address
	      (XX:XX:XX:XX:XX:XX).

       -Z list-network-interfaces
	      Lists  the  available  network interfaces by number
	      for use in link-layer injection.

	      NOTE: This feature is only relevant to Windows sys-
	      tems.

DIAGNOSTICS
       Nemesis-udp  returns 0 on a successful exit, 1 if it exits
       on an error.

BUGS
       Send  concise  and  clearly   written   bug   reports   to
       jeff@snort.org

AUTHOR
       Jeff Nathan <jeff@snort.org>

       Originally developed by Mark Grimes <mark@stateful.net>

SEE ALSO
       nemesis-arp(1), nemesis-dns(1), nemesis-ethernet(1), neme-
       sis-icmp(1),  nemesis-igmp(1),	nemesis-ip(1),	 nemesis-
       ospf(1), nemesis-rip(1), nemesis-tcp(1)
























			   16 May 2003				3


