i am looking for a good packet builder/sender to test my firewall on my slack9 laptop from my rh8 virtual machine. Anyone got any suggestions?

anyone ever test their firewall themselves before letting the net test it? If so, how bout suggestions for a tool to do so.
I tried apsend but i am having problems getting it installed.

Please do not double post, it's against the rules and makes for confusion when trying to help.
http://www.linuxquestions.org/questi...threadid=71535


I'm going to move your thread to Linux - Security as I think it'll get the attention it needs over there. If you disagree with this, contact me.

Cool

please read the other post for my deepest apologies in not being fully aware of all the rules. I am sorry for the attitude and everything. But PLEASE PLEASE PLEASE can i have an answer. If you dont have an answer then i am guessing you dont have a firewall or that you dont test your firewall so just post your ip and i will make sure someone comes and helps you out with showing you a need for it. Now, the big huge question at hand:

I NEED TO TEST MY FIREWALL BEFORE I USE IT ON THE NET AS THE FIREWALL FOR MY NETWORK. CAN ANYONE SUGGEST A PACKET BUILDER/SENDER THAT IS EASY TO INSTALL UNDER RH8 THAT I CAN USE FOR THIS?

My personal thanks and gratitude to anyone (and i know all the moderators do have answers to this question) who can help me.

someone suggested saint? what is this saint program and can i get it in a RH8 rpm format?

If you dont have an answer then i am guessing you dont have a firewall or that you dont test your firewall so just post your ip and i will make sure someone comes and helps you out with showing you a need for it.
This approach will not entice people to answer. You will refrain from asking for/collecting people's IP addresses for any purpose.

I NEED TO TEST MY FIREW(..)
Don't shout. It is not proper netiquette.

i am looking for a good packet builder/sender to test my firewall
Isic, Ippacket, Dug Song's and Mixter's tools, Nmap, Nessusd, Hping, Xprobe, all depends on your needs for illegal flag combo/spoofed address/DoS detection, or really audit what's behind the fw.

Here's some major tools listings to keep you busy selecting tools:
http://www.insecure.org/tools.html
http://sites.inka.de/sites/lina/freefire-l/
http://www.cerias.purdue.edu/coast/a...ory_index.html

someone suggested saint? what is this saint program and can i get it in a RH8 rpm format?
By Jove! Googling around for info ain't your strongest point I see :-]
Try www.wwdsi.com.

HTH

spawn your the shit.

I am sorry i shouted but i get frustrated when i am trying to learn and moderators starting being pricks instead of answering the question. I am sorry i doubled posted but it was a issue with the moderator. anyway, i wasn't asking for peoples ip's literally. I was being sarcastic in response to a moderators comment from another post. I know they use these tools themselves so its frustrating when i get a rude response instead of a answer.

I need these tools for my personal protection, no other!
My questions weren't answered most likely on the basis that "I dont need a custom packet builder because they are only used to hack other people". We all know this is not true. If i can send a SYN flood to my machine and crash it, then so can other hackers.

Thankyou for being a person who would like to answer me and not play police to me. Once again i am sorry for getting an attitude (i have been at this for about three weeks and while i am picking up on some of it, i am still a noob when it comes to other things). I get tired and then moderators (who aren't even moderating their own forums) start getting rude with me and it just makes everyone unhappy. I know i ask simple dumb questions sometimes but i am new to all this.

Once again, thankyou for your kindness in helping me.

p.s. yeah i am a bad googler, its just that i get 9,186,753 responses to something so specific its unbelievable and 3/4 of them are bullshit commercialism.
I hate commercialism!!

//moderator.note: I just found out you been cross-posting questions AGAIN (see here). This means your promises and apologies are not in line with your posting behaviour. Cross-posting clutters fora and wastes your fellow LQ members' goodwill, efforts and time.
As a "corrective measure" I'm giving you with 8 warning points for disrespecting moderators after several warnings not to cross-post.

If you would like to dispute my moderating actions, you are invited to take it up with me by email. If the outcome of that discussion is not satisfactory to you, you are allowed to take it up with the site owner, Jeremy.

Thankyou for being a person who would like to answer me and not play police to me.
Woops! Posted too soon. Well, after you read the post above I guess I ain't "the shit" anymore... Warning points still stand cuz of x-posting, just hope you can understand our POV and the things we have to do to keep the site clean.

allright first of all, you are still the shit, yes, i did cross post but look at the time of posting. the again crosspost was done before i read this post. Second of all, i understand that you were posting while i was typing. I just hope that you understand the same thing because that was the cause of all this unecessary posting. That last crosspost was way earlier. So, therefore my apologies do line up with my posting.

I understand so lets get on to something else and not hold it against each other. If it is that bad, i will just go ask questions somewhere else its no big deal. there is a reason i would rather struggle with my computer than deal with people. fortunately, for most everyone else, noone is dealing with me in person.

honestly, if i am a problem i will go elsewhere, just post "go elsewhere"

Me and you are still cool though unSpawn at least as far as i am concerned.

I just hope that you understand the same thing because that was the cause of all this unecessary posting. That last crosspost was way earlier. So, therefore my apologies do line up with my posting.
As moderator I have to disagree, but at the same time noticing the stance you take now, I do agree it would be best to not go into it.

If it is that bad, i will just go ask questions somewhere else its no big deal.
Well, yes, leaving *is* a big deal. For you, because you'll miss interacting with a knowledgable, friendly and helpfull community of 30K members and growing, and for us, cuz maybe later on you'll surprise us and we'll learn something from you...


Hop on the crazy ride again and enjoy LQ, I'd say...

Good post spawn but you can't forget firewalk (/me loves firewalk) http://www.packetfactory.net/firewalk/ and if you want everything bundled in a bootable cdrom based linux distro, check out Forensic Incidence Response Environment. http://fire.dmzs.com/ This distro is in my toolbox and really kicks ass!

Good post spawn but you can't forget firewalk
No I didn't. I just didn't post it, just like Fragrouter, ISN tools, Snort tester and the notion outside-in tests should also be followed by inside-out tests (at least basic egress testing)... FIRE/Biatchux is mentioned in our forums 1st sticky thread "FAQ: Security references", with Trinux and a slew of other toolkits. It's not something most people will want or even take the time learning to operate being a bit specialistic and this being a newbie site.

Since you got FIRE, do you know how to handle the forensics recovery part using TASK, TCT, foremost, fatback etc etc?

I don't like to sound cocky, (I'm not) but none of my systems have ever been broke into. I have never had the need to use TASK. I played around with it, but thats my extent of using it. CID's (Corps of Intelligence Detective) cyber response team or someone along those lines would deal with the forensics, not me.