Hi there. I was wondering if any of you VB/Winsock experts out there could provide me with any helpful tips regarding a project I am carrying out for university. Basically the crux of it is: I have a simple Winsock VB6 Client/Server Instant Messaging system, and I am trying to demonstrate basic security problems pertaining to it. I would like to be able to utilise Winsock to send a "malformed data packet" from a custom "mutant client" so I can crash the IM server or render it inoperable to traffic. Then I want to integrate new code into the server so it can detect and disconnect any "mutant clients" thus avoiding this DoS-style attack from succeeding.

I have found a great deal of links on the web regarding "prevention" of malformed data packets but none regarding the actual creation of them, and creation of them using the Winsock class in VB6(SP6) which is what I'm using. This is naturally for testing purposes only inside a lab so I would appreciate if any of you guys can shed some light on my problem, or the code required? If creating a malformed packet is impossible in today's Winsock, perhaps you could suggest a different vulnerability (on the network level) I could investigate with my system? I was thinking about IP detection/prevention or something along those lines if the data packet attack cannot be achieved.

Cheers, thanks for any and all help,
Spooky63.