Use 2 boxes one outside firewall and the other inside. Connect from the inside box to the outside via web port 80. Your connection from inside should be on some high port above 1024. Run tcpdump on the host inside the firewall and determine which ports you are really using and the seq and ack numbers( you will probably need to use a tcpdump switch to use absolute seq numbers). Use a packet generation tools such as HPING from outside the firewall to forge a packet using same ip, same port but differnt seq or ack numbers. This should semi test HTTP. Then you will probably want to check ftp and then move on to more difficult protocols.
On Fri, 5 Oct 2001, Jason Yuan wrote: > > Check Point has patented Stateful Inspection technology way back in 1993. Their >products have matured over the years. They undoubtly have the largest market share. > > During the last few years, there are plenty of vendors that step up to the plate >selling firewalls and VPNs. Almost all of them claim that they have similar >technology toward Stateful Inspection. > > We get calls from these vendors / or from our customers all the time. However, I >have doubts about some of the vendor's security implementation. How would I know if >it were just packet filtering technology? (Some of them were selling hubs last >year!). Yet I do NOT have a good way to evaulate the truthfulness about stateful >inspection. > > Any suggestions? > > Jason > > > Jason Yuan > Consultant > Niles Associates > Tel: 510-385-3988 > Fax: 815-327-6544 > > > --------------------------------- > Do You Yahoo!? > NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. >Yahoo! by Phone. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
