FTester is firewall and IDS testing software that tests filtering policies for IT security.
Both scripts produce log files in the same format, which allows for easy comparison by using a diff tool. The comparison of these logs, ftest.log and ftestd.log, indicates which packets were blocked by the filtering rules of a firewall when running the scripts on hosts placed on different sides of the firewall. Stateful inspection firewalls can be handled with the 'connection spoofing' option.
FTester also includes a script called freport, which can automatically parse the log files. However, ftest.conf must be crafted for each different testing situation. To help with this task, examples and rules are included in the configuration file.
The IDS testing feature can be used with just ftest or with the additional support of ftestd for handling stateful inspection IDS. Ftest can also use common IDS evasion techniques. In addition to using the configuration syntax, the software can process snort rule definition files.
The two scripts that make up FTester were created to address the need for an easier and more automated way of testing firewalls and IDS capabilities. Prior to its creation, these tasks were performed manually, with the use of packet-crafting tools and tcpdump. The software was also written with the intention of learning some perl. Overall, FTester is a useful tool for network administrators and security professionals who need to test their security infrastructure.
Version 1.0: N/A