Orbit

Re: [pacnog] Tools for Testing of Firewalls

by Scott Weeks

4 Jul 2006 5:50 a.m.

Hello Everyone,

Alex asked to test his firewall against:

1.Against syn-flood: 2.Against udp/icmp flood: 3.Against Ping of death /Teardrop: 4.Against IP spoofing: 5.Against Smurf:

Nmap, Nessus, Ethereal or Snort will not test the firewall for reactions to the above attacks.

scott

4 3

Replies

Hervey Allen

4 Jul 2:04 p.m.

Scott Weeks wrote:

...

Hello Everyone,

Alex asked to test his firewall against:

...
1.Against syn-flood: 2.Against udp/icmp flood: 3.Against Ping of death /Teardrop: 4.Against IP spoofing: 5.Against Smurf:

Nmap, Nessus, Ethereal or Snort will not test the firewall for reactions to the above attacks.

Good point.

Check out Packet Storm and there DoS tools here:

http://packetstormsecurity.nl/DoS/

Cheers, - Hervey

-- ------------------------------------------------- Hervey Allen Network Startup Resource Center hervey@nsrc.org GPG Key Fingerprint: AC08 31CB E453 6C65 2AB3 4EDB CEEB 5A74 C6E5 624F

Alex Abraham

4 Jul 7:39 p.m.

How safe are these tools? Do we need to do our own checks to ensure that are working?

ALex

...

-----Original Message----- From: pacnog-bounces@pacnog.org [mailto:pacnog-bounces@pacnog.org] On Behalf Of Hervey Allen Sent: Tuesday, 4 July 2006 3:05 a.m. To: surfer@mauigateway.com Cc: pacnog@pacnog.org Subject: Re: [pacnog] Tools for Testing of Firewalls

Scott Weeks wrote:

...
Hello Everyone,

Alex asked to test his firewall against:

...
1.Against syn-flood: 2.Against udp/icmp flood: 3.Against Ping of death /Teardrop: 4.Against IP spoofing: 5.Against Smurf:

Nmap, Nessus, Ethereal or Snort will not test the firewall for reactions to the above attacks.

Good point.

Check out Packet Storm and there DoS tools here:

http://packetstormsecurity.nl/DoS/

Cheers,

Hervey

--

Hervey Allen Network Startup Resource Center hervey@nsrc.org GPG Key Fingerprint: AC08 31CB E453 6C65 2AB3 4EDB CEEB 5A74 C6E5 624F _______________________________________________ pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog

Dan McGarry

5 Jul 11:30 p.m.

Scott Weeks wrote:

...

Hello Everyone,

Alex asked to test his firewall against:

...
1.Against syn-flood: 2.Against udp/icmp flood: 3.Against Ping of death /Teardrop: 4.Against IP spoofing: 5.Against Smurf:

Nmap, Nessus, Ethereal or Snort will not test the firewall for reactions to the above attacks.

Metasploit might at least provide you with the framework for delivering some of these payloads. I typically use it for pen-testing workstations and servers, so I can't say much about its suitability for the particular tasks you're looking at.

http://www.metasploit.com/

Activity Summary

6115 days inactive
6115 days old
pacnog@pacnog.org
4 participants
3 comments

Orbit

Re: [pacnog] Tools for Testing of Firewalls

--

Activity Summary

Participants (4)