STUN Server Data Sheet
Test Suite:
STUN Server
Direction:
Server

STUN is a toolset for NAT traversal in IP networks. Originally it was intended for usage with UDP datagrams, but has later been extended to work with other transports, as well. STUN Server Test Suite can be used for evaluating STUN server implementations for security flaws and robustness problems.

Used specifications

Specification
Title
Notes
RFC3489
STUN - Simple Traversal of User Datagram Protocol (UDP)Through Network Address Translators (NATs)
RFC5389
Session Traversal Utilities for NAT (STUN)
RFC5766
Traversal Using Relays around NAT (TURN): Relay Extensions to Session Traversal Utilities for NAT (STUN)
RFC5245
Interactive Connectivity Establishment (ICE): A Protocol for Network Address Translator (NAT) Traversal for Offer/Answer Protocols
RFC5780
NAT Behavior Discovery Using STUN
RFC5626
Managing Client Initiated Connections in the Session Initiation Protocol (SIP)
RFC5853
Test vectors for STUN
RFC6062
Traversal Using Relays around NAT (TURN) Extensions for TCP Allocations
Parameters tested
RFC6156
Traversal Using Relays around NAT (TURN) Extension for IPv4/IPv6 Transition
Parameters tested
RFC6679
Explicit Congestion Notification (ECN) for RTP over UDP
STUN attribute tested

Tool-specific information

Tested messages
Notes
Specifications
Binding Request
RFC3489, RFC5389
Shared Secret Request
RFC3489

Supported attributes
Specifications
Notes
Mapped-Address
RFC3489
Response-Address
RFC3489
Change-Request
RFC3489, RFC5780
Source-Address
RFC3489
Changed-Address
RFC3489
Username
RFC3489
Password
RFC3489
Error-Code
RFC3489
Unknown-Attributes
RFC3489
Reflected-From
RFC3489
Message-Integrity
RFC3489
Realm
RFC3489
Nonce
RFC3489
XOR-Mapped-Address
RFC3489
Server
RFC3489
Alternate-Server
RFC3489
Fingerprint
RFC5389
Priority
RFC5245
Use-Candidate
RFC5245
ICE-Controlled
RFC5245
ICE-Controlling
RFC5245
Padding
RFC5780
XOR-Response-Target
RFC5780
XOR-Reflected-From
RFC5780
Cache-Timeout
RFC5780
Response-Origin
RFC5780
Other-Address
RFC5780
Channel-Number
RFC5766
Lifetime
RFC5766
Bandwidth
RFC5766
Peer-Address
RFC5766
Data
RFC5766
Relay-Address
RFC5766
Requested-Port-Props
RFC5766
Requested-Transport
RFC5766
Requested-Ip
RFC5766
Requested-Address-Type
RFC6156
Connect-Stat
draft-ietf-behave-turn-tcp
Connection-Id
RFC6062
ECN-CHECK-STUN
RFC6679
Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis