Bonsai Information Security - Services

Stack testing

Bonsai’s TCP/IP stack testing service is aimed at discovering vulnerabilities in customized TCP/IP stacks. This service is meant for companies that develop Routers, Firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS) or any other appliance for which a customized TCP/IP stack has been developed.

Common vulnerabilities identified during TCP/IP stack testing:

  1. Resource exhaustation (DoS)
  2. Buffer overflows
  3. Format strings
  4. Kernel panics
  5. Evasion of IPS detection using TCP/IP fragmentation
  6. Evasion of IPS detection using Layer 7 evasion techniques
  7. Evasion of IPS detection using specially crafted or out of order TCP packets

Members of our team have detected vulnerabilities in the above mentioned and other type of appliances from leading brands such as Internet Security Systems (ISS) and TippingPoint [1] [2], companies with which have worked jointly in order to solve detected vulnerabilities.


Our deliverables include the following:

  1. Technical report
  2. Tools and scripts needed to reproduce the vulnerabilities
  3. Executive summary
  4. Strategic recommendations

In need of a secure appliance?

Vulnerabilities in your hardware may cause large networks to crash?
Does IPS detection bypass give you nightmares?

Get a Quotation and start the process of securing your TCP/IP Stack.