Firewall Wizards mailing list archives

Auditing Firewalls


From: Lance Spitzner <lance () spitzner net>
Date: Tue, 12 Dec 2000 18:33:55 -0600 (CST)

I've updated my "Auditing Your Firewall Setup".
The paper goes into more technical detail on 
how to use the tools to audit a firewall rulebase.

I'm looking for input on a good tool to use
TTL's to map a rulebase.  Something along the lines
of setting the TTL with an nmap scan so one
can firewalk a rulebase.  Unfortunately, the 
actual tool firewalk is designed to work against
a router behind the firewall.  I'm looking to
have TTL's expire on the firewall itself.  For
now I am using hping2 as a proof of concept.
The paper covers this, however I'm still 
searching for a good tool for this scan method.

Auditing Your Firewall Setup
http://www.enteract.com/~lspitz/audit.html

Thanks!

-- 
Lance Spitzner
http://project.honeynet.org


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

