Firewall Tester
Results 1 to 8 of 8

Thread: Firewall Tester

  1. #1
    Senior Member
    Join Date
    Jan 2002
    Posts
    371

    Firewall Tester

    Thought that a few peeps may find this little tool useful....I have had a little look and it seems pretty kool...

    The Firewall Tester is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities.

    Features:

    - firewall testing
    - IDS testing
    - simulation of real tcp connections for stateful inspection firewalls (Netfilter,IPfilter...) and IDS (snort)
    - connection spoofing
    - IP fragmentation / TCP segmentation
    - IDS evasion techniques
    http://ftester.sourceforge.net/
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  2. #2
    Senior Member
    Join Date
    Nov 2002
    Posts
    382
    It seems very interesting especially the TCP connection emulation feature.

    extract from the manpage
    "ftest and ftestd are capable of simulating a real connection this is extremly useful when you are dealing with a stateful detection firewall (like iptables) that blocks packets unrelated to an ongoing connection"
    .

    I'll try it, thanx Soggy
    [shadow] SHARING KNOWLEDGE[/shadow]

  3. #3
    Junior Member
    Join Date
    May 2003
    Posts
    12
    I've found firewall testers to be a waste of money, since you can go to numerous sites and test your firewall for free, among them Steve Gibson Research, Black Code and Astalavista. There are many sites like this. The probes by Black Code are extensive and take a little bit of time, but they are very informative, thorough and can give you a very good idea of the areas you need to shore up. I have gotten to the point where I can't find any more sites that can find any weaknesses in my defenses,and I go looking for them. Very reassuring all in all.

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    371
    I've found firewall testers to be a waste of money, since you can go to numerous sites and test your firewall for free
    This may be true to Firewalls protecting an internet connection, but is not feasible for a multi-tiered Firewall architecture, and are not directly accessible from the Internet.

    It is important to remember that Firewalls have purposes other than Firewalling an Internet connection. You may want to segregate parts of your Internal network for any number of reasons.
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  5. #5
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628

    you couldn't be more right

    Yeah like keeping the buggy software engineer's testlab the hell away from the corporate LAN while still allowing NFS and some email.

    That's why I found it funny when someone coined the term "reverse firewall". That seemed a bit odd to me.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  6. #6
    Junior Member
    Join Date
    May 2003
    Posts
    12
    That's true. I'm glad I rarely have to deal with networks. Also, Not all probing sites and/or firewall testers test to see how your firewall deals with what it lets out. I think a lot of people might be shocked if they knew what their firewalls let into the outside world.
    The world is a museum and I am it\'s willing patron.

  7. #7
    Senior Member
    Join Date
    May 2003
    Posts
    115
    ftester is open source, there's no money involved. for internal testing, i found it quite useful for various appliance.

    -w0rm3y

  8. #8
    Senior Member
    Join Date
    Nov 2002
    Posts
    382
    dragonwhip:
    I've found firewall testers to be a waste of money, since you can go to numerous sites and test your firewall for free, among them Steve Gibson Research, Black Code and Astalavista. There are many sites like this.
    Even for personnal comp i would't rely on such tools because there is no wy to know what there are exactly testing. I mean it just interesting to convince sm1 that its comp is not secure.
    I'd rather go for a tool which I can fully understand what it is designed for!
    Maybe am I parano´d but the only one I can trust is .... me.
    [shadow] SHARING KNOWLEDGE[/shadow]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •