[Snort-users] Firewall Tester 0.9

Andrea Barisani lcars at ...96...
Sat Jun 21 06:53:03 EDT 2003

Hi to all!

I've just released version 0.9 of my Firewall Tester, you can find it at:


Main new features in this version are:

* added support for CIDR notation
* extended CIDR and 'ranges' notation support to all modes
* added a new configuration syntax 'flags:' for more flexible
  conf files
* added pseudo fragments reassembly in ftestd

See the Changelog for details.

Any code contribution/improvement is very welcome ;)

Thanks to all.




The Firewall Tester, is a tool designed for testing firewalls filtering policies
and Intrusion Detection System. Basically ftester is made of a packet generator 
tool (ftest) and a sniffer (ftestd), the first script injects custom packets with 
a signature in the data part while the sniffer listens for such marked packets, 
the comparison of the sniffer logs with the injector ones permits the 
identification of firewall filtering rules. Unlike common firewall testing tools 
or packet generators ftester is capable of generating network traffic that will 
looks like real connections to the firewall or IDS system tested, this feature 
allows us to test stateful inspection firewalls (like netfilter or ipfilter) and 
IDS (like snort).  

INFIS Network Administrator & Security Officer         .*. 
Department of Physics       - University of Trieste    /V\
lcars at ...96... - PGP Key 0x8E21FE82      (/ \)
----------------------------------------------------  (   )
"How would you know I'm mad?" said Alice.             ^^-^^
"You must be,'said the Cat,'or you wouldn't have come here."

More information about the Snort-users mailing list