Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: traffic creation

From: p1g <killfactory () gmail com>
Date: Thu, 27 Sep 2007 11:04:36 -0400
Can't you use telnet to test open ports?

Telnet or NMAP + Ethereal(Wireshark) look for RSTs

Record traffic with tcpdump, replay it with tcpreplay?



On 9/4/07, Oğuz Yarımtepe <comp.ogz () gmail com> wrote:


Hi all,

In my test environment i have some servers (web, time, dns, email, ftp). And
they are connected to some firewalls. What i want to do is to test my
firewall rules by creating a traffic and see whether the packages are passing
and reaching to the servers or not.

As i read, hping is the tool for creating packages. So i may try to send some
TCP packages with -S flag to their open ports (80, 21 ...) and expect
packages with SA flag.

First of all is this a true approach?

Second, i want to create a random traffic like a real internet environment,
like some hosts are requesting service from my servers, trying to reach them,
and analyze the traffic and see the results as "oh ok this ip had been
restricted to my web server from firewall A and it seems the rule is
correct". So i am open to all ideas and solution about creating this test
environment. Thanx.

--
Oğuz Yarımtepe
http://www.yarimtepe.com/en




-- 
-p1g
SnortCP
  ,,__
o"     )~  oink oink
   ' ' ' '

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
Previous By Date Next
Previous By Thread Next

Current thread: