You could use tcpsic for testing how well the appliance handles
fragmented packets, you could use nikto and nessus to see how many
attacks each one detects and finally you could setup a lab with two PC's
and try to exploit a know vuln with metasploit to see how well the
appliance handles real attacks. There are also some tools that do a HTTP
GET flood, that could be interesting to test also.
Jimmy Stewpot wrote:
> Hello,
>
> I am currently evaluating some UTM devices (fortinet, SonicWALL etc as
> per my previous posts). So far my testing has been fairly limited. I
> am currently looking to see if there are any tools around to test
> these types of devices, Currently my testing is all done through basic
> perl scripts however the information I get back from them is not
> really ideal, Any ideas or recommendations would be greatly appreciated.
>
> Regards,
>
> Jimmy.
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it with real-world attacks from
> CORE IMPACT.
> Go to
> http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to
> learn more.
> ------------------------------------------------------------------------
>
--
Andres Riancho
www.securearg.net <http://www.securearg.net/>
/Secure from the source/
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Received on Jan 10 2006
Intro
