To partially test your policies, you could use a port scanner on outside and IDS/protocol analyzer on inside of firewall. If you want to do it for free, I would recommend nmap (Linux) or SuperScan (Win) for scanner and snort or ethereal (both supported in Linux and Win) for IDS/Sniffer.
-bob Jiunn-Jye Chen wrote: > Hi > I have set up one pix firewall. How can I know that the policies I > have set work properly? Is there any sofeware that can test a firewall's > policies working correctely and produce some reference data? > Thanks > Eric Chen > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
