Many networks rely on firewalls or filtering routers for frontline network security. Packet filtering firewalls or routers filter incoming or outgoing packets based on a set of access rules. The IP (Internet Protocol) Packet Generator computer program assists in verifying that a packet filtering firewall is configured correctly, by detecting security holes in the firewall's filtering rules.The IP Packet Generator enables the user to build TCP/IP (Transmission Control Protocol/Internet Protocol) packets and transmit them via the network, to detect errors in access list configuration.The user can specify the source IP address of a packet to simulate attempted access from a remote host. The user can also specify the destination IP address, the type of packet, the destination port number, the size of the packet, the number of packets to send, and the packet rate. Thus, the software helps the user perform an exhaustive test of the access list.

This work was done by Becky Johnson, Mark T. Page, and Henry W. Yu formerly of I-NET for Kennedy Space Center.

Inquiries concerning rights for the commercial use of this invention should be addressed to

the Technology Programs and Commercialization Office
Kennedy Space Center
(407) 867-6373.

Refer to KSC-11878.


NASA Tech Briefs Magazine

This article first appeared in the April, 2000 issue of NASA Tech Briefs Magazine.

Read more articles from the archives here.