Re: Firewall Tester 0.6

From: Andrea Barisani (lcars@infis.univ.trieste.it)
Date: 04/11/02


Date: Thu, 11 Apr 2002 19:46:12 +0200
From: Andrea Barisani <lcars@infis.univ.trieste.it>
To: Steve Halligan <giermo@geeksquad.com>

On Thu, Apr 11, 2002 at 11:41:13AM -0500, Steve Halligan wrote:
> Snort with the stream4 preprocessor will not false on these types of
> signature replaying attacks (ie Stick, Snot)

Actually my tool is designed to test that kind of features by spoofing a real
connection, in fact it was very useful in testing and finding a bug in snort stream4
preprocessor (fixed in version 1.8.6).

------------------------------------------------------------
INFIS Network Administrator & Security Officer .*.
Department of Physics - University of Trieste /V\
lcars@infis.univ.trieste.it - PGP Key 0x8E21FE82 (/ \)
---------------------------------------------------- ( )
"How would you know I'm mad?" said Alice. ^^-^^
"You must be,'said the Cat,'or you wouldn't have come here."
------------------------------------------------------------