Re: [fw-wiz] How automate firewall tests
> On Tue, 22 Aug 2006 14:48[color=blue]
> Avishai Wool wrote:[/color]
> I agree with almost all the above except the statement
> "analyzing the firewall configuration files is *not* the right way"
> It's not very easy to do, certainly not easy to do *well*,
> but it is very possible![/color]
Yes, it is very possible. That's not my point.
My point is, checking the firewall configuration doesn't guarantee you get what
you want. You have to trust the implementation to be sure the rules are
That's why "analyzing the firewall configuration files is *not* the right way".
The right way is to analyze *how* the firewall applies the rules, not what are
> if you are interested, you can find some academic papers
> about how it works at: [url]http://www.eng.tau.ac.il/~yash/fw/index.html[/url][/color]
As a member of IEEE and the Computer Society I allready know some of these
firewall-wizards mailing list