Firewalls: Re: Testing firewalls

Firewalls
(January 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Testing firewalls
From:	lavondes @ tidtest . total . fr (Michel Lavondes)
Date:	Tue, 31 Jan 95 10:11:01 GMT
To:	fc @ all . net (Dr. Frederick B. Cohen)
Cc:	firewalls @ greatcircle . com (fw)
In-reply-to:	<199501302109 . QAA11266 @ all . net>; from "Dr. Frederick B. Cohen" at Jan 30, 95 4:09 pm
Reply-to:	lavondes @ tidtest . total . fr

Dr. Frederick B. Cohen wrote :
> 
> 	So I repeat my original question - are there any more really
> good attack tools to test my server - so far, everything I have tried
> has failed to detect several successful attacks that I know would work
> against my server if I were to hook it to my internal network.
> 

Assuming you know what kinds of attack you want to test your firewall for,
you may do the testing yourself. Assuming you have a full-fledged firewall
setup, ie dual-homed bastion host(s) bracketed by 2 packet-filtering
routers one of which connects you to the Internet, you just need a third
interface on that last one, with a RFC 1597 network #, and off you go ...
Of course, you have to keep current with, and test for, new attack modes,
but then you have to do that no matter how you manage your testing.

Just my $.02
-- 
Michel Lavondes
E-Mail : lavondes @
 tidtest .
 total .
 fr
         lavondes%tidtest .
 total .
 fr @
 pegase .
 total .
 fr (if previous addr rejected)
Tel : +33-1-4135-4198
Fax : +33-1-4135-4189

References:

Testing firewalls
From: "Dr. Frederick B. Cohen" <fc @ all . net>

Indexed By Date	Previous:	filter tester (auto attacker) From: Tim Keanini <blast @ worldbit . com>
Indexed By Date	Next:	clarification requested... From: hobbit @ bronze . lcs . mit . edu (Hobbit)
Indexed By Thread	Previous:	Testing firewalls From: "Dr. Frederick B. Cohen" <fc @ all . net>
Indexed By Thread	Next:	Re: Testing firewalls From: "Simon J. Gerraty" <sjg @ zen . void . oz . au>