|| Network monitoring software such as IDS typically examines only complete IP datagrams. Thus, attackers are able to fragment their IP traffic to pass through corporate networks undetected and bypass perimeter security devices. While most network monitoring software like IDS is now capable of handling fragmented traffic, intruders still often attempt this type of attack that can bypass IDS and take systems out of commission, or result in information being stolen or corrupted.
As part of its new charter, Foundstone Labs created IPv4Trace, a Win32 C++ programming library. Because IPv4Trace is a Win32 object-oriented port of the OpenBSD 2.8 kernel-land IPv4 fragment reassembly implementation, Win32 programmers can now use the tool to reassemble fragmented IPv4 traffic in programs that process captured network traffic, allowing them to proactively circumvent an attack that can take systems out of commission or result in information being stolen or corrupted.