ARMING YOUR TOP SECURITY GUNS

摘要

Protocol Modeler lets you quickly develop network-layer attacks by using fault-injection components. The attacks are aimed at uncovering vulnerabilities in underlying software, whether it be closed-source "blackbox" testing of a commercial product―say your perimeter firewall's IP-based administrative interfaces―or testing of an in-house Web application under development. Protocol Modeler is capable of virtually any type of test because, even if the prebuilt fault injectors don't address your testing needs, it's possible to create your own fault injectors―albeit with much work. You can manipulate simpler types of network traffic using the GUI tools and undertake more complex tasks using a PERL-like API, though once you head down that road, you've lost most of the speed and elegance of test creation that make Protocol Modeler attractive.