If you haven't looked at "HowtoForge" it's a neat site that's valuable to bookmark and check regularly.
There is a good article up there titled "How To Test Your Linux-Distro Firewall", that gives a brief introduction to FTester. FTest is a security policy enforcement point (think Firewall or IDS) testing tool based on a couple of Perl scripts.
Anybody out there in the world that has been working with the PIX for more than ten years will tell you that this isn't a new idea. The PIX developers originally developed tools to do this (using PIX appliances) about ten years ago. Those tools were used for testing and never left Cisco (or did they?) and were called Hoover and Hooker. Hoover was named after the vacuum company because it was a powerful packet sniffer. Hooker was a packet injector named after the then popular TV cop show character played by William Shatner (after Star Trek and before ST: The Motion Picture). Well, at least that's what we told people when they asked.
No comments:
Post a Comment