Internet Security Systems offers firewall tester product

Internet Security Systems Inc. recently released Version 3.3 of Internet Scanner, a popular firewall testing product.

The new version of Internet Scanner adds an enhanced graphical user interface and a graphical representation of the results of a network scan, according to Patrick Taylor, director of product marketing at Internet Security Systems.

Federal users are seeking help testing and monitoring Internet firewalls as they begin to realize that installing this technology is more complicated than it seems.

"A lot of firewalls get misconfigured," said Christopher Klaus, chief executive officer of Internet Security Systems. "A lot are wide open to services that would let hackers through." Internet Security Systems has customers at the Energy Department, NASA and military sites, Klaus said.

Lawrence Livermore National Laboratory in California is using Internet Scanner to test for general network and Unix vulnerabilities, says Neal Mackanic, a computer scientist at the lab. And because most firewalls are Unix-based, the product would be good for that kind of testing as well, he said. Mackanic recently obtained a site license for broader use of the product at the DOE facility.

The National Computer Security Association uses Internet Scanner as part of its firewall testing program, said Jon McCown, an NCSA network security engineer in Carlisle, Pa. Since February, NCSA has certified 16 firewalls. The National Security Agency is a member of the NCSA-sponsored Firewall Product Developers Consortium, which is the umbrella organization for the testing program.

Internet Scanner scans past the firewall on a Transmission Control Protocol/Internet Protocol network "to see if we get through the filter," Klaus said. The system looks for more than 120 known holes. Related testing includes application-level and IP filtering as well as the firewall itself. Firewall testing - in a Unix environment - includes the usual sendmail and electronic-mail bugs as well as more modern attacks such as IP spoofing, Klaus said.

A license covering 10 to 20 machines costs about $800.

Adams is a free-lance writer based in Arlington, Va.