> > -----Original Message-----
> > Scott Weeks wrote:
> > >> 1.Against syn-flood:
> > >> 2.Against udp/icmp flood:
> > >> 3.Against Ping of death /Teardrop:
> > >> 4.Against IP spoofing:
> > >> 5.Against Smurf:
> > >
> > > Nmap, Nessus, Ethereal or Snort will not test the
> > > firewall for reactions to the above attacks.

----- Original Message Follows -----
From: "Alex Abraham" <alex.abraham@samoatel.ws>

> How safe are these tools? Do we need to do our own checks
> to ensure that they are working?

Hello,

The idea is that to test a non-production machine for reactions to attacks before putting it into production, you need to use the tools the bad guys use. You could take a low-end box, put some type of *nix on it and install any tool you think is useful and safe. Then reinstall whatever OS after you're done, and whatever was done to the box by bad tools accidentally downloaded is removed.

Another thing you can do is put a hub between the attack box and the firewall and put a sniffer on it and capture every packet. Be sure to save the sniffer capture on a CD or something for later analysis.

Also, be sure the firewall is completely patched and as security ready as possible before beginning.

scott
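For the "later analysis" step, here is an added example (not part of the original post) that tallies a saved sniffer capture by the traffic classes in the quoted list. It assumes a classic little-endian pcap of Ethernet frames; the function names, labels and sample frames are constructed for illustration.

```python
import struct
from collections import Counter

def classify_ipv4(pkt):
    """Labels for one IPv4 packet (bytes starting at the IP header)."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return []
    ihl = (pkt[0] & 0x0F) * 4
    flags_frag = struct.unpack("!H", pkt[6:8])[0]
    proto, labels = pkt[9], []
    if flags_frag & 0x3FFF:                 # MF flag set or non-zero fragment offset
        labels.append("fragment")           # Teardrop / Ping of death arrive as fragments
    if flags_frag & 0x1FFF:
        return labels                       # later fragments carry no L4 header
    if proto == 6 and len(pkt) >= ihl + 14:
        if pkt[ihl + 13] & 0x12 == 0x02:    # SYN set, ACK clear
            labels.append("tcp_syn")
    elif proto == 17:
        labels.append("udp")
    elif proto == 1 and len(pkt) > ihl:
        labels.append("icmp")
        if pkt[ihl] == 8 and pkt[19] == 255:  # assumes .255 = /24 directed broadcast
            labels.append("icmp_echo_to_broadcast")   # Smurf-style echo request
    return labels

def summarize_pcap(data):
    """Tally labels over a classic little-endian pcap of Ethernet frames."""
    magic, *_, linktype = struct.unpack("<IHHiIII", data[:24])
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian pcap with LINKTYPE_ETHERNET")
    counts, pos = Counter(), 24
    while pos + 16 <= len(data):
        incl_len = struct.unpack("<I", data[pos + 8:pos + 12])[0]
        frame = data[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if frame[12:14] == b"\x08\x00":     # EtherType IPv4
            counts.update(classify_ipv4(frame[14:]))
    return counts

def sample_capture():
    """Constructed capture: six hand-built frames, not real traffic."""
    def frame(proto, last_octet, l4, flags_frag=0):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, flags_frag, 64,
                         proto, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, last_octet]))
        return bytes(12) + b"\x08\x00" + ip + l4
    tcp = bytes(13) + b"%c" + bytes(6)      # TCP header template; %c is the flags byte
    echo = b"\x08" + bytes(7)               # ICMP echo request header
    frames = [frame(6, 1, tcp % 0x02), frame(6, 1, tcp % 0x12), frame(17, 1, bytes(8)),
              frame(1, 255, echo), frame(1, 1, echo, 0x2000), frame(1, 1, echo, 0x00B9)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
```

Run `summarize_pcap()` on the bytes of the saved capture file and compare the tallies with what the firewall logged or passed during each test.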