Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Testing Security Devices, Firewall And Intrusion Detection

Status
Not open for further replies.
Sundog2004

Sundog2004

Technical User
Jun 14, 2004
4
GB
We are just in the process of deploying new firewalls and an intrusion detection system. I am looking for tools that will help me test the configuration is correct etc. I have found the Informer products from and they seem to look good, has anyone tried them or can suggest anything else?

I have tried using our vulnerability scanner but not had much joy.
 
Sort by date Sort by votes
You can download an Internet Monitoring and Reporting tool at that will show all the sites your users are going to. Depending on the logging of your new firewall you can get statistics on Blocked and Failed hits and see what your intrusion detection has not let past the firewall, Once again dependent on the logging of the firewall. It's worth a look, WebSpy software is free to evaluate for 30 days(full versions) Check it out.
 
Upvote 0 Downvote
Thanks Pat for the feedback I have used ShieldsUP before to perform some basic port testing etc. What I am really after is a way to be able to replay traffic controlling both the source and the destination so that I can have stateful traffic. I have not been able to find anything other than Blades Informer products to do this yet and I just wanted to check to see if anyone knew of anything else before I proceeded with them. What I like about the products is that you only need a laptop with two nics load the software up and then you can replay traffic between the two nics without needing a target host to respond. You just test the device in the middle by running real attacks or network traffic, all safe and controlled.

Cheers
 
Upvote 0 Downvote
You might want to take a look at Sandstorm. They've got an appliance that stores raw tcpdump data and lets you recreate entire sessions. They have an interface for searching through the data to look for specific traffic.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Solved
Not able to log into my previous account, and there's no "Forget Password"
Replies
15
Views
1K
Chris Miller
Chris Miller
DrB0b
  • Locked
  • Question
Help Please, Trying to Convince Company Mixing Personal and Corporate Email is Bad Practice
Replies
9
Views
565
DrB0b
DrB0b
sara1995
  • Locked
  • Question
IDS vs Firewall vs WAF for protect website against dos attacks
Replies
1
Views
348
mattKnight
mattKnight
nate901
  • Locked
  • Question
(1) Cell phone app security and (2) Shared-site login security
Replies
1
Views
79
Noway2
Noway2
p3achy2Grl
  • Locked
  • Question
Charging Clients to complete their security questionnaires
Replies
1
Views
75
johnherman
johnherman

Part and Inventory Search

Sponsor

Back
Top