Hi, I am just wondering how to test the SPI (stateful packet inspection) in software / hardware firewalls. Is there a web service / application. Or do I have to use WinPCap or Ethereal - In that case how do I craft the special network packets to send out? Obviously it would be good to differentiate between basic SPI, advanced SPI and normal packet filtering. See here for an example. Thanks Phant0m!
Maybe you can use Sniffer Pro or Iris Network Traffic Analyzer. It looks like that Sniffer supports IPv6 packets,and Iris Network Traffic Analyzer is easy to modify the packets (IMO )
Don't know much of softboxes. I believe they use a packet sniffer (like WireShark) on target & source PC. Then use a software based packet generator like NTG for creating custom packets. You can download a 15 trial from download.com: http://www.download.com/Network-Traffic-Generator-and-Monitor/3000-2085_4-10668961.html But hardware ones, are tested using professional tools. For example: Spirent ThreatEx ( to check for known attack shielding capabilities) along with Spirent Avalanche ( to stress test ) and Spirent TestCenter ( to test particular packet flow/scenario. Including SPI ). If you are in a professional network test job/company, I would recommend the above testing equipment. More details here: http://www.spirentfederal.com/IP/Products/ThreatEx/Overview/