Firewall Wizards mailing list archives
RE: HOW TO Guide for testing firewalls?
From: "Ames, Neil" <NAmes () anteon com>
Date: Tue, 15 Oct 2002 17:19:13 -0400
Robert, I have been trying to sort through the host-based firewall puzzle and was referred to Okena's "Evaluator's Guide" (http://www.okena.com/Pdf/SW_v3_%20Reviewers_Guide.pdf). It may be a useful document for your purposes. There is a good bit of product information, but you can scan through that and get to the ideas on a test setup, things to test, and tools to use for the tests (NMAP, NESSUS, Windump, Firehole, netcat, etc.). It's not really a step-by-step guide, but you can add available guides (to the tools) to what Okena has given you for a pretty good picture of "standard" vulnerabilities. My big issue with scoping testing host-based firewalls is that there are two significantly different categories, the network traffic-filtering variety and those that watch every application that tries to use the network. You would think that the application-control firewalls would be a superset of the host-based firewalls, but that is not the case. More on that later. Thank you, Fritz -----Original Message----- From: Teal, Robert [mailto:RTeal () dbr com] Sent: Tuesday, October 15, 2002 3:04 PM To: 'firewall-wizards () honor icsalabs com' Subject: [fw-wiz] HOW TO Guide for testing firewalls? A non-profit I volunteer for is going to be buying software firewalls for their loaner laptops. I was wondering if anyone knows of a guide for testing firewalls. I'd like to know of some testing tools to scan ports, send different types of pings, emulate attacks and what I should look for in the logs. A step by step "how to" would be great. If you want to make sure I'm on the up and up, contact me. Thanks Robert Teal Manager, Information Services Drinker, Biddle & Reath 415-591-7563 robert.teal () dbr com This message contains information which may be confidential and privileged. Unless you are the addressee (or authorized to receive for the addressee), you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail @dbr.com, and delete the message. Thank you very much _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- HOW TO Guide for testing firewalls? Teal, Robert (Oct 15)
- <Possible follow-ups>
- RE: HOW TO Guide for testing firewalls? Ames, Neil (Oct 15)