The Network Security. Org

Tomahawk

Tomahawk is a command line tool for testing network-based intrusion prevention systems (NIPS). To date, the tools for testing NIPS have been expensive and limited in functionality. They are typically designed for testing other products, such as switches (e.g., SmartBits/ IXIA), server infrastructure (e.g., WebAvalanche), or Firewalls and Intrusion Detection Systems (Firewall Informer or IDS Informer). None of these tools simulate the harsh environment of real networks under attacks.

Tomahawk is designed to fill this gap. It can be used to test the throughput and blocking capabilities of network-based intrusion prevention systems (NIPS).
Throughput testing

The throughput of many NIPSs is highly dependent on the protocol mix. A NIPS must reassemble and inspect application level data encapsulated in network traffic. It must decode network and application level protocols. Since some protocols are more computationally intensive to decode than others, the effect a NIPS has on network performance can be highly dependent on the protocol mix that must flow through the NIPS.

Tomahawk can test the throughput of a NIPS using the most realistic mix of protocols possible: one obtained by taking a sample of traffic from the network and replaying it. A single Tomahawk server can generate 200-450 Mbps of traffic. By using multiple servers and aggregating the traffic through a switch, 1 Gbps or more of traffic can be replayed through the NIPS. Tomahawk Test Tool

More News

• Website infection rate triples
  



• How to Use Honeypots to Improve Your Network Security
  



• Microsoft Patch Tuesday Targets 26 Application Flaws
  



• SSL VPNs might not be as secure as you think
  



• 8 tips to filter spam effectively
  



• Onus on IP address owner to prove innocence
  



• How to install an SSH Server in Windows Server 2008.
  



• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware
  



• What Firewalls Do & Donot Do
  



• Symantec fingers D Link for bot attacks
  



• WhiteHat: 90% of Sites Still Vulnerable
  



• Red Hat releases free security code
  



• A new type of Bluetooth security
  



• Dude, where is my perimeter?
  



• Scaring users into IT security
  



• VMware fixes security bugs
  



• The top 10 security land mines
  



• Encrypt volumes through a cross platform GUI with TrueCrypt 5.0