[Snort-devel] FTester 1.0

Andrea Barisani andrea at ...2860...
Mon Feb 13 02:51:02 EST 2006

Hi to all!

I've just released version 1.0 of FTester, you can find it at:


This is a bugfix release and it will be the final release of the
current branch (which will be put in mainteinance mode for outstanding bugs). 
The code is currently undergoing a complete rewrite for a new architecture 
and new features (we'll probably name it with the innovative name ftester-ng),


* added marker feature for running multiple ftest/ftestd instances
* configuration directives lookup is now anchored properly
* fixed IP ID field logging bug when max value is reached

Thanks to all.




The Firewall Tester, is a tool designed for testing firewalls filtering policies
and Intrusion Detection System. Basically ftester is made of a packet generator 
tool (ftest) and a sniffer (ftestd), the first script injects custom packets with 
a signature in the data part while the sniffer listens for such marked packets, 
the comparison of the sniffer logs with the injector ones permits the 
identification of firewall filtering rules. Unlike common firewall testing tools 
or packet generators ftester is capable of generating network traffic that will 
looks like real connections to the firewall or IDS system tested, this feature 
allows us to test stateful inspection firewalls (like netfilter or ipfilter) and 
IDS (like snort).  

Andrea Barisani                             Inverse Path Ltd
Chief Security Engineer                     -----> <--------

<andrea at ...2860...>          http://www.inversepath.com
0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
       "Pluralitas non est ponenda sine necessitate"

More information about the Snort-devel mailing list