Security Basics mailing list archives

Re: Firewall Testing

From: MaddHatter <maddhatt+securitybasics () cat pdx edu>
Date: Wed, 9 May 2007 11:58:02 -0700

Lyndon Barry <lyndon () d-a-p net> said (on 2007/05/09):

From: Lyndon Barry <lyndon () d-a-p net>
Subject: Firewall Testing

...
I was hoping someone here might point me towards a site, or tool, that could
generate immense amounts of network activity ...


They're not cheap, but they are good -- and fully capable of generating
line-speed gigabit traffic conforming to whatever rules you like. They're
fast enough to lock up any NIC/switch/router that claims to be gigabit but
is really just > 100Mb. (I won't mention any specific product names.) If
this is something you'll only need for a one-shot deal, maybe you can
borrow one from someone.  http://www.ixiacom.com/products/interfaces/

If you don't need that degree of loading and analysis, you might be able to
get away with a couple fast computers (one as a server, one as the client)
with decent Gb NICs running iperf. You can twiddle with the options to
generate sustained heavy traffic loads that will get pretty close to "as
fast as the intermediate network will allow," assuming the intermediate
network is the limiting factor.  http://sourceforge.net/projects/iperf

Current thread:

Firewall Testing Lyndon Barry (May 09)
- Re: Firewall Testing MaddHatter (May 09)
- Re: Firewall Testing Michael Painter (May 09)
- Re: Firewall Testing Alex Bondarenko (May 14)
  - Re: Firewall Testing Lyndon Barry (May 15)
- <Possible follow-ups>
- RE: Firewall Testing Al Saenz (May 09)
- Re: Firewall Testing Alex Bondarenko (May 15)
  - Re: Firewall Testing Peter Koinange (May 16)
    - When IT Manager breaks rules WALI (May 17)
    - RE: When IT Manager breaks rules April Carson (May 18)
    - Re: When IT Manager breaks rules Byron (Yahoo) (May 24)
    - RE: When IT Manager breaks rules Trevor Greenfield (May 18)

(Thread continues...)