Activity Summary
- 6362 days inactive
- 6362 days old
- pacnog@pacnog.org
- 4 participants
- 3 comments
j
: Next unread message k
: Previous unread message j a
: Jump to all threads
j l
: Jump to MailingList overview
Hello Everyone,
Alex asked to test his firewall against:
1.Against syn-flood: 2.Against udp/icmp flood: 3.Against Ping of death /Teardrop: 4.Against IP spoofing: 5.Against Smurf:
Nmap, Nessus, Ethereal or Snort will not test the firewall for reactions to the above attacks.
scott
Scott Weeks wrote:
Hello Everyone,
Alex asked to test his firewall against:
1.Against syn-flood: 2.Against udp/icmp flood: 3.Against Ping of death /Teardrop: 4.Against IP spoofing: 5.Against Smurf:
Nmap, Nessus, Ethereal or Snort will not test the firewall for reactions to the above attacks.
Good point.
Check out Packet Storm and there DoS tools here:
http://packetstormsecurity.nl/DoS/
Cheers, - Hervey
How safe are these tools? Do we need to do our own checks to ensure that are working?
ALex
-----Original Message----- From: pacnog-bounces@pacnog.org [mailto:pacnog-bounces@pacnog.org] On Behalf Of Hervey Allen Sent: Tuesday, 4 July 2006 3:05 a.m. To: surfer@mauigateway.com Cc: pacnog@pacnog.org Subject: Re: [pacnog] Tools for Testing of Firewalls
Scott Weeks wrote:
Hello Everyone,
Alex asked to test his firewall against:
1.Against syn-flood: 2.Against udp/icmp flood: 3.Against Ping of death /Teardrop: 4.Against IP spoofing: 5.Against Smurf:
Nmap, Nessus, Ethereal or Snort will not test the firewall for reactions to the above attacks.
Good point.
Check out Packet Storm and there DoS tools here:
http://packetstormsecurity.nl/DoS/
Cheers,
- Hervey
--
Hervey Allen Network Startup Resource Center hervey@nsrc.org GPG Key Fingerprint: AC08 31CB E453 6C65 2AB3 4EDB CEEB 5A74 C6E5 624F _______________________________________________ pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
Scott Weeks wrote:
Hello Everyone,
Alex asked to test his firewall against:
1.Against syn-flood: 2.Against udp/icmp flood: 3.Against Ping of death /Teardrop: 4.Against IP spoofing: 5.Against Smurf:
Nmap, Nessus, Ethereal or Snort will not test the firewall for reactions to the above attacks.
Metasploit might at least provide you with the framework for delivering some of these payloads. I typically use it for pen-testing workstations and servers, so I can't say much about its suitability for the particular tasks you're looking at.
See also the links in this post:
http://seclists.org/lists/pen-test/2005/Jan/0074.html
This tool in particular might be even better than what you're looking for, as it more or less throws random noise at a network device:
http://www.packetfactory.net/projects/ISIC/
This means that you can also trap for accidental or unforeseen breakage.
Good luck, and let us know what you come up with....