Ferramenta de Injeção de Falhas para Avaliação de Sistemas de Segurança em Rede
Abstract
A great number of new security tools have been developed to solve the problems of IP networks but some doubts were raised about the their efficiency. There are many techniques used to evaluate the vunerabilites of a network, but their results are limited and few tools aim to facilitate and automate the evaluation of security network programs. This article presents a network fault injection system created to test network security equipment, aiming to fill the gap between packet injectors and vulnerability scanners.
References
Bace, R. (1999) “An Introduction to Intrusion Detection & Assessment”, Scotts Valley: Infidel.
Chapman, D. B., Zwicky, E. D., Building Internet Firewalls. 2nd ed. O’Reilly, 2000.
Deraison, R. (2000) “Nessus Security Scanner”, http://www.nessus.org/, Dez. 2002.
Grimes, M (2000) “Nemesis Packet Injection” , http://www.packetfactory.net/Projects/nemesis/, Dez. 2002.
Hsueh, M. et al. (1997) “Fault Injection Techniques and Tools”, Computer, v. 30, n. 4, p.75-82.
McHugh, J., Christie, A., Allen, J. (2000) “Defending Yourself: The Role of Intrusion Detection Systems”, IEEE Software Computer, v. 17, n. 5, p. 42-51.
Ricketts M. (200) “SendIP”, http://www.earth.li/projectpurple/progs/sendip.html, Dez. 2002.
Sanfilippo, S. (2001) “Hping”, http://www.hping.org, Dez. 2002.
Todd, B. (1999) “Security Auditor's Research Assistant”, http://www-arc.com/sara/index.shtml, Dez. 2002.
Wack, J.; Tracey, M. (2002) “Guideline on Network Security Testing (DRAFT)”, National Institute of Standards and Technology Special Publication 800-42.
Wanner, P. (2001) “Técnicas de Injeção de Falhas e Avaliação de Segurança de Rede”, Trabalho Individual Instituto de Informática, UFRGS, Porto Alegre.
WORLD WIDE DIGITAL SECURITY, INC. (2000) “Security Administrator's Integrated Network Tool”, http://www.wwdsi.com/saint/, Dez. 2002.
Chapman, D. B., Zwicky, E. D., Building Internet Firewalls. 2nd ed. O’Reilly, 2000.
Deraison, R. (2000) “Nessus Security Scanner”, http://www.nessus.org/, Dez. 2002.
Grimes, M (2000) “Nemesis Packet Injection” , http://www.packetfactory.net/Projects/nemesis/, Dez. 2002.
Hsueh, M. et al. (1997) “Fault Injection Techniques and Tools”, Computer, v. 30, n. 4, p.75-82.
McHugh, J., Christie, A., Allen, J. (2000) “Defending Yourself: The Role of Intrusion Detection Systems”, IEEE Software Computer, v. 17, n. 5, p. 42-51.
Ricketts M. (200) “SendIP”, http://www.earth.li/projectpurple/progs/sendip.html, Dez. 2002.
Sanfilippo, S. (2001) “Hping”, http://www.hping.org, Dez. 2002.
Todd, B. (1999) “Security Auditor's Research Assistant”, http://www-arc.com/sara/index.shtml, Dez. 2002.
Wack, J.; Tracey, M. (2002) “Guideline on Network Security Testing (DRAFT)”, National Institute of Standards and Technology Special Publication 800-42.
Wanner, P. (2001) “Técnicas de Injeção de Falhas e Avaliação de Segurança de Rede”, Trabalho Individual Instituto de Informática, UFRGS, Porto Alegre.
WORLD WIDE DIGITAL SECURITY, INC. (2000) “Security Administrator's Integrated Network Tool”, http://www.wwdsi.com/saint/, Dez. 2002.
Published
2003-05-01
How to Cite
WANNER, Paulo César Herrmann; WEBER, Raul Fernando.
Ferramenta de Injeção de Falhas para Avaliação de Sistemas de Segurança em Rede. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 3. , 2003, Natal.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2003
.
p. 72-79.
DOI: https://doi.org/10.5753/sbseg.2003.21252.
