On Fri, 12 Sep 2003, Paul Robertson wrote:
[ ... ]
>
> Performance testing is difficult to get right, and the numbers change for
> most devices with minor changes to the packets you're generating. Sizes,
> fragments, windows for TCP, and the like all make different devices do
> different things, _especially_ if you're trying to make a security
> decision based upon the packets. For instance, how many out of sequence
> packets will a device buffer before making the other end retransmit
> packets? Are those buffers packet-size specific? If we fill up a
> different sized buffer, will it affect overall performance for the other
> buffers, and how?
>
> The best you can hope to do is get a representative sample of traffic out
> of wherever you want to put the device, then recreate a similar mix and
> test with each piece. Everything else is a guess, and probably a poorly
> educated one unless you completely understand the characteristics of the
> hardware, stack and testing going on.
The fact that it is not so easy is confirmed by various ongoing research
projects (mostly done at universities, but a few companies are interested
too). A few links I have right now (apologies for those I don't find
anymore):
http://www.caida.org/analysis/performance/bandwidth/
(famous are netperf and pathchar)
http://www-iepm.slac.stanford.edu/
http://www.ripe.net/ttm/
http://moat.nlanr.net/
http://www.merit.edu/ipma/ (dead ?)
http://ipm.mib.infn.it/ (see http://ipm.mib.infn.it/sim_projects.html for
a list of other similar projects)
http://www.advanced.org/IPPM/index.html
and there was also matrix.net (now zaffire).
Some of the techniques, applications and issues discussed in these pages
are not directly relevant to the question asked, nor to firewalls and
IT security. On the other side, the Internet is now a very "complex system",
one such that we should all worry about its complexity, robustness and
fragility. In other words, it can have a life of its own, and rebel
against its users. Firewalls and routers are at the moment the objects at
the forefront; if something happens, they could mitigate the disaster or
get the blame.
Thanks for a great list.
Andrea
--
Andrea Pasquinucci cesare_at_ucci.it
My public PGP key is at http://www.ucci.it/ucci_pub_key.asc
fingerprint = 569B 37F6 45A4 1A17 E06F CCBB CB51 2983 6494 0DA2
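The quoted advice (capture a representative traffic sample from where the device will sit, then recreate a similar mix for each test) can be made concrete. The following is an added example, not code from the thread or from any of the projects linked above: it summarizes a capture by protocol, size class and fragment flag, draws a synthetic test mix with the same proportions, converts that into an integer replay plan, and reports how far the synthetic mix drifts from the original. The sample packets and the size-class boundaries are constructed for the example.

```python
# Added example (not part of the original thread): profile a traffic sample and
# synthesize a test mix with the same proportions, so a firewall is exercised
# with the packet sizes, protocols and fragments it will actually see.
from collections import Counter
import random

# Constructed stand-in for a capture summary: (protocol, length in bytes,
# is_fragment). The values are invented for the example.
SAMPLE = [
    ("tcp", 60, False), ("tcp", 1500, False), ("tcp", 1500, False),
    ("tcp", 576, False), ("udp", 120, False), ("udp", 1400, True),
    ("udp", 1400, True), ("icmp", 84, False), ("tcp", 40, False),
    ("tcp", 1500, False), ("udp", 512, False), ("tcp", 1460, False),
]

# Upper bound (inclusive) of each size class; boundaries chosen for the example.
SIZE_CLASSES = ((64, "tiny"), (512, "small"), (1024, "medium"))


def size_class(length):
    """Map a packet length to a coarse size class."""
    for limit, name in SIZE_CLASSES:
        if length <= limit:
            return name
    return "large"


def key(pkt):
    """Collapse a packet descriptor to the (proto, size class, fragment) tuple used for the mix."""
    proto, length, frag = pkt
    return (proto, size_class(length), frag)


def distribution(keys):
    """Empirical distribution (fractions summing to 1) over a sequence of keys."""
    counts = Counter(keys)
    total = sum(counts.values())
    return {k: c / total for k, c in counts.items()}


def profile(packets):
    """Traffic mix of a capture as a distribution over (proto, size class, fragment)."""
    return distribution(key(p) for p in packets)


def synthesize(prof, n, seed=0):
    """Draw n keys whose mix follows prof; seeded so a test run is repeatable."""
    rng = random.Random(seed)
    keys = list(prof)
    weights = [prof[k] for k in keys]
    return rng.choices(keys, weights=weights, k=n)


def replay_plan(prof, n):
    """Integer packet counts per class that sum exactly to n (largest-remainder rounding)."""
    raw = {k: p * n for k, p in prof.items()}
    plan = {k: int(v) for k, v in raw.items()}
    short = n - sum(plan.values())
    by_remainder = sorted(raw.items(), key=lambda kv: kv[1] - int(kv[1]), reverse=True)
    for k, _ in by_remainder[:short]:
        plan[k] += 1
    return plan


def total_variation(p, q):
    """Half the L1 distance between two distributions; 0 means identical mixes."""
    keys = set(p) | set(q)
    return 0.5 * sum(abs(p.get(k, 0.0) - q.get(k, 0.0)) for k in keys)


def mix_report(packets, n=2000, seed=0):
    """Profile a capture, synthesize n test packets and measure the drift between them."""
    prof = profile(packets)
    synth = distribution(synthesize(prof, n, seed))
    return {"profile": prof, "synthetic": synth, "drift": total_variation(prof, synth)}


if __name__ == "__main__":
    report = mix_report(SAMPLE)
    for k, frac in sorted(report["profile"].items()):
        print(f"{k}: capture {frac:.3f}  synthetic {report['synthetic'].get(k, 0):.3f}")
    print("drift:", round(report["drift"], 4))
    print("replay plan for 100 packets:", replay_plan(report["profile"], 100))
```

The drift figure is the check the quoted text implies: if the synthetic mix has wandered away from the capture's proportions (for instance because too few packets were drawn), the performance numbers you get from it say little about the device's behaviour in place. The replay plan is what you would feed to whatever generator you use for the actual test; each class can then be varied on its own to see which buffers a given size or fragment pattern exercises.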
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Sep 14 2003