NEMESIS-UDP(1)							NEMESIS-UDP(1)



NAME
       nemesis-udp - UDP Protocol (The Nemesis Project)

SYNOPSIS
       nemesis-udp  [-vZ?]  [-d Ethernet-device ] [-D destination-IP-address ]
       [-F fragmentation-options ] [-H source-MAC-address ] [-I	 IP-ID	]  [-M
       destination-MAC-address	] [-O IP-options-file ] [-P payload-file ] [-S
       source-IP-address ] [-t IP-TOS ] [-T IP-TTL ]  [-x  source-port	]  [-y
       destination-port ]

DESCRIPTION
       The  Nemesis  Project  is designed to be a command line-based, portable
       human IP stack for UNIX-like and Windows systems.  The suite is	broken
       down  by	 protocol,  and	 should allow for useful scripting of injected
       packets from simple shell scripts.

       nemesis-udp provides an interface  to  craft  and  inject  UDP  packets
       allowing	 the  user  to	specify any portion of a UDP packet as well as
       lower-level IP packet information.

UDP Options
       -P payload-file
	      This will case nemesis-udp to use the specified payload-file  as
	      the  payload  when  injecting UDP packets.  For packets injected
	      using the raw interface (where -d is not used), the maximum pay-
	      load  size  is 65467 bytes.  For packets injected using the link
	      layer interface (where -d IS used), the maximum payload size  is
	      1432  bytes.  Payloads can also be read from stdin by specifying
	      '-P -' instead of a payload file.

	      Windows systems are limited to a maximum payload	size  of  1432
	      bytes for UDP packets.

       -v verbose-mode
	      Display  the  injected packet in human readable form.  Use twice
	      to see a hexdump of the injected	packet	with  printable	 ASCII
	      characters  on the right.	 Use three times for a hexdump without
	      decoded ASCII.

       -x source-port
	      Specify the source-port within the UDP header.

       -y destination-port
	      Specify the destination-port within the UDP header.

IP OPTIONS
       -D destination-IP-address
	      Specify the destination-IP-address within the IP header.

       -F fragmentation-options (-F[D],[M],[R],[offset])
	      Specify the fragmentation options:

	      -FD (don't fragment)
	      -FM (more fragments)
	      -FR (reserved flag)
	      -F <offset>

	      within the IP header.  IP fragmentation options can be specified
	      individually  or	combined into a single argument to the -F com-
	      mand line switch by separating  the  options  with  commas  (eg.
	      '-FD,M') or spaces (eg. '-FM 223').  The IP fragmentation offset
	      is a 13-bit field with valid  values  from  0  to	 8189.	 Don't
	      fragment	(DF),  more  fragments	(MF)  and  the	reserved  flag
	      (RESERVED or RB) are 1-bit fields.

	      NOTE: Under normal conditions, the reserved flag is unset.

       -I IP-ID
	      Specify the IP-ID within the IP header.

       -O IP-options-file
	      This will cause nemesis-dns to use the specified IP-options-file
	      as  the  options	when  building	the IP header for the injected
	      packet.  IP options can be up to 40 bytes	 in  length.   The  IP
	      options  file  must  be  created manually based upon the desired
	      options.	IP options can also be read from stdin	by  specifying
	      '-O -' instead of an IP-options-file.

       -S source-IP-address
	      Specify the source-IP-address within the IP header.

       -t IP-TOS
	      Specify  the  IP-type-of-service	(TOS)  within  the  IP header.
	      Valid type of service values:

	      2	 (Minimize monetary cost)
	      4	 (Maximize reliability)
	      8	 (Maximize throughput)
	      24 (Minimize delay)

	      NOTE: Under normal conditions, only one type of service  is  set
	      within  a packet.	 To specify multiple types, specify the sum of
	      the desired values as the type of service.

       -T IP-TTL
	      Specify the IP-time-to-live (TTL) within the IP header.

DATA LINK OPTIONS
       -d Ethernet-device
	      Specify the name (for UNIX-like systems) or the number (for Win-
	      dows  systems)  of  the  Ethernet-device to use (eg. fxp0, eth0,
	      hme0, 1).

       -H source-MAC-address
	      Specify the source-MAC-address (XX:XX:XX:XX:XX:XX).

       -M destination-MAC-address
	      Specify the defination-MAC-address (XX:XX:XX:XX:XX:XX).

       -Z list-network-interfaces
	      Lists the available network interfaces  by  number  for  use  in
	      link-layer injection.

	      NOTE: This feature is only relevant to Windows systems.

DIAGNOSTICS
       Nemesis-udp  returns 0 on a successful exit, 1 if it exits on an error.

BUGS
       Send concise and clearly written bug reports to jeff@snort.org

AUTHOR
       Jeff Nathan <jeff@snort.org>

       Originally developed by Mark Grimes <mark@stateful.net>

SEE ALSO
       nemesis-arp(1), nemesis-dns(1),	nemesis-ethernet(1),  nemesis-icmp(1),
       nemesis-igmp(1),	   nemesis-ip(1),   nemesis-ospf(1),   nemesis-rip(1),
       nemesis-tcp(1)



				  16 May 2003			NEMESIS-UDP(1)
