Dr. Frederick B. Cohen wrote :
> So I repeat my original question - are there any more really
> good attack tools to test my server - so far, everything I have tried
> has failed to detect several successful attacks that I know would work
> against my server if I were to hook it to my internal network.
Assuming you know what kinds of attack you want to test your firewall for,
you may do the testing yourself. Assuming you have a full-fledged firewall
setup, ie dual-homed bastion host(s) bracketed by 2 packet-filtering
routers one of which connects you to the Internet, you just need a third
interface on that last one, with a RFC 1597 network #, and off you go ...
Of course, you have to keep current with, and test for, new attack modes,
but then you have to do that no matter how you manage your testing.
Just my $.02
E-Mail : lavondes @
fr (if previous addr rejected)
Tel : +33-1-4135-4198
Fax : +33-1-4135-4189