Firewall Wizards mailing list archives
Re: Proxy 2.0 secure?
From: Kjell Wooding <kwooding () codetalker com>
Date: Fri, 26 Jun 1998 12:49:59 -0600
Ok, I'll bite. What would YOU describe as "real firewall testing", given that you had to test a number of independent, but NT-based firewall products, and provide advice on their performance?
(okay. you were addressing Thomas, but I'll take a stab in here anyway). I would like to see a scripted test suite that threw the following kinds of packets at a firewall (and a sniffer on the back end to see what came through) * Standard TCP port scans (Normal, Stealth, Frag, etc) * UDP Scans * Scans from well-known ports (80, 53, etc) * Stetefulness violations (set up a "permissible" packet stream, then attempt to inject packets from other hosts, desynchronize the packet stream, RST and FIN attacks - very similar to the aforementioned IDS attacks. if the Firewall's concept of state is different than the end host...) * Invalid (port 0) packets * Fragmented. (Standard, out of order, pathological, FragID 1, a la SNI's IDS testing) * Bizarre TCP (and IP) options * Invalid packets (a la Ping of Death) * All flavors of ICMP (including invalid/unassigned types and codes) * Proxy tests (there was a thread on the list earlier about throwing arbitrary data at a proxy to see if it was passed). -kj -- Kjell Wooding <kwooding () codetalker com> Codetalker Communications, Inc. For the latest Infosec News, see http://www.codetalker.com/
Current thread:
- Re: Proxy 2.0 secure?, (continued)
- Re: Proxy 2.0 secure? Mark Horn [ Net Ops ] (Jun 25)
- RE: Proxy 2.0 secure? Vanja Hrustic (Jun 25)
- RE: Proxy 2.0 secure? ark (Jun 25)
- RE: Proxy 2.0 secure? Stout, Bill (Jun 25)
- Re: Proxy 2.0 secure? Brian Steele (Jun 25)
- Re: Proxy 2.0 secure? Brian Steele (Jun 25)
- Re: Proxy 2.0 secure? tqbf (Jun 26)
- Re: Proxy 2.0 secure? Vanja Hrustic (Jun 26)
- Re: Proxy 2.0 secure? Brian Steele (Jun 25)
- Re: Proxy 2.0 secure? tqbf (Jun 26)
- Re: Proxy 2.0 secure? Kjell Wooding (Jun 26)
- Re: Proxy 2.0 secure? ark (Jun 26)
- RE: Proxy 2.0 secure? Choi, Byoung (Jun 26)
- Re: Proxy 2.0 secure? Gillian Steele (Jun 26)
- Re: Proxy 2.0 secure? Ted Doty (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 26)
- Re: Proxy 2.0 secure? Brian Steele (Jun 28)
- Re: Proxy 2.0 secure? Rodney van den Oever (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 29)
- Re: Proxy 2.0 secure? ark (Jun 29)
- Re: Proxy 2.0 secure? John McDermott (Jun 29)
(Thread continues...)