Hello,
You can perform an exhaustive Cisco PIX 535 firewall load test up to the
published specifications of total concurrent connections and connections per
second with Spirent Avalanche (traffic generator) and Reflector (traffic
analyzer). The scenario will establish maximum con/sec rate the firewall can
support at its maximum concurrent connections rate. Any lost packets or
transactions will indicate the fatigue of the pix hardware. If this setup, you
can show that the translation and state tables are in no way a hard limitation
of the firewall appliance.
Creating attack is easier, search the web for freebee hacking software tools or
you can utilize the traffic generator for crafting wrong packets to test your
sockets.
EU
________________________________
From: MEURISSE Jean-Sebastien RD-CORE-LAN
[mailto:jeansebastien.meurisse@francetelecom.com]
Sent: Fri 11/18/2005 3:36 AM
To: support@kalyx.co.in; firewalls@securityfocus.com
Subject: RE: Testing Tools
Hello,
1. There are of course trafic load generation tools. In general, they are quite
honerous but make it possible to generate the load you want. Have a look at
SmartBit, Catapult, Agilent, Adtech, Ixia.
2. As for attack simulation, you can run Nessus in "aggressive mode", that will
exploit vulnerabilities instead of just listing them. To be used with care ;-)
Js
________________________________
De : support@kalyx.co.in [mailto:support@kalyx.co.in]
Envoyé : jeudi 17 novembre 2005 09:30
À : firewalls@securityfocus.com
Objet : Testing Tools
Hi,
Can anybody suggest me how to evaluate the firewall and the IPS
products like, is there a way put
traffic through the box before putting on the live network.
Can I stimulate an attack by using any software's, suggest if you know
some softwares.
Thanks & Regards
Syed Arif
