Re: Firewall Tester 0.6

From: Andrea Barisani (
Date: 04/11/02

Date: Thu, 11 Apr 2002 19:46:12 +0200
From: Andrea Barisani <>
To: Steve Halligan <>

On Thu, Apr 11, 2002 at 11:41:13AM -0500, Steve Halligan wrote:
> Snort with the stream4 preprocessor will not false on these types of
> signature replaying attacks (ie Stick, Snot)

Actually my tool is designed to test that kind of features by spoofing a real
connection, in fact it was very useful in testing and finding a bug in snort stream4
preprocessor (fixed in version 1.8.6).

INFIS Network Administrator & Security Officer .*.
Department of Physics - University of Trieste /V\ - PGP Key 0x8E21FE82 (/ \)
---------------------------------------------------- ( )
"How would you know I'm mad?" said Alice. ^^-^^
"You must be,'said the Cat,'or you wouldn't have come here."