RE: [fw-wiz] HOW TO Guide for testing firewalls?

From: Ames, Neil (NAmes@anteon.com)
Date: 10/15/02


From: "Ames, Neil" <NAmes@anteon.com>
To: "'Teal, Robert'" <RTeal@dbr.com>, "'firewall-wizards@honor.icsalabs.com'" <firewall-wizards@honor.icsalabs.com>
Date: Tue Oct 15 17:22:18 2002

Robert,
        I have been trying to sort through the host-based firewall puzzle
and was referred to Okena's "Evaluator's Guide"
(http://www.okena.com/Pdf/SW_v3_%20Reviewers_Guide.pdf). It may be a useful
document for your purposes. There is a good bit of product information, but
you can scan through that and get to the ideas on a test setup, things to
test, and tools to use for the tests (NMAP, NESSUS, Windump, Firehole,
netcat, etc.). It's not really a step-by-step guide, but you can add
available guides (to the tools) to what Okena has given you for a pretty
good picture of "standard" vulnerabilities.
        My big issue with scoping testing host-based firewalls is that there
are two significantly different categories, the network traffic-filtering
variety and those that watch every application that tries to use the
network. You would think that the application-control firewalls would be a
superset of the host-based firewalls, but that is not the case. More on
that later.

Thank you,

Fritz

-----Original Message-----
From: Teal, Robert [mailto:RTeal@dbr.com]
Sent: Tuesday, October 15, 2002 3:04 PM
To: 'firewall-wizards@honor.icsalabs.com'
Subject: [fw-wiz] HOW TO Guide for testing firewalls?

A non-profit I volunteer for is going to be buying software firewalls for
their loaner laptops. I was wondering if anyone knows of a guide for testing
firewalls. I'd like to know of some testing tools to scan ports, send
different types of pings, emulate attacks and what I should look for in the
logs. A step by step "how to" would be great.

If you want to make sure I'm on the up and up, contact me. Thanks

Robert Teal
Manager, Information Services
Drinker, Biddle & Reath
415-591-7563
robert.teal@dbr.com

This message contains information which may be confidential and
privileged. Unless you are the addressee (or authorized to receive for the
addressee), you may not use, copy or disclose to anyone the
message or any information contained in the message. If you have
received the message in error, please advise the sender by reply e-mail
@dbr.com, and delete the message.

Thank you very much

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: How to Test Firewalls Guide?
    ... My guide to test my firewalls is easy, ... >wondering if anyone knows of a guide for testing firewalls. ... >of some testing tools to scan ports, send different types of pings, or ...
    (comp.security.firewalls)
  • Re: How to use field codes to insert addressee name in pg 2 header?
    ... Use a StyleRef field for both your addressee name and the date. ... Word New User FAQ & Web Directory: http://addbalance.com/word ... Microsoft's Legal Users' Guide) http://addbalance.com/usersguide ... This message is posted to a newsgroup. ...
    (microsoft.public.word.docmanagement)
  • RE: oncheck -me
    ... -> But I can find no reference to this anywhere else in the ... This message is sent in strict confidence for the addressee only. ...
    (comp.databases.informix)
  • Re: Business Letters page 2
    ... addressee and subject are all picked up from the ... > continuation header and I don't even have to do anything with the header ... > Microsoft's Legal Users' Guide) http://addbalance.com/usersguide ... > This message is posted to a newsgroup. ...
    (microsoft.public.word.pagelayout)
  • Re: Business Letters page 2
    ... I usually put in the name of the addressee and the subject of the letter as ... they are automatically changed in the continuation header and I ... Microsoft's Legal Users' Guide) http://addbalance.com/usersguide ... This message is posted to a newsgroup. ...
    (microsoft.public.word.pagelayout)