|Gibson Research Corporation Proudly Discloses|
Rapidly Assimilates the Actual Security Capability
of any Internet Appliance, Computer, or Device.
|The Birth of The ASSIMILATOR|
Several weeks before I conceived and built this cool little Internet Nightmare, I met with representatives of SOHOware. Their company was preparing to introduce a "Secure Cable/DSL Router" for the home/small office market. For all intents and purposes, the features of this little NAT router appeared to be identical to the well-established and popular Linksys router (among others): One 10-baseT WAN port with NAT routing to a four-port 10/100 switch, expandable to 253 users, Web browser-based configuration, etc., etc. Same old story, right? It was even priced the same.
But this router's distinguishing feature was that rather than merely stating that it had "firewall like" features which is inherently true of any NAT router SOHOware calls their router "secure" because it incorporates a full, stateful packet inspection firewall, explicit Denial of Service management technology, and the ability to send eMail reports in the event of external intrusion attempts. Of course, all that sounds really cool. And all other things being equal (like the price, which is), who wouldn't rather use a "secure Cable/DSL router" if given the choice? But how do we actually know that these are useful features? How do we know what any of that really means?
When Car & Driver Magazine tests a new car, they certainly start by reading the car's specifications. However, specifications only tell part of the story and a car's specs might actually relate poorly to the needs of the real world out on the road. As the old saying goes: "Specifications can lie." So, Car & Driver takes every car out onto a test track to put it through its paces. They push the car to its limits and beyond to find out exactly what it can really do.
Internet Security technologies?
Because I have an "influential voice" in this Internet security industry, the SOHOware folks handed one of these newly minted "secure Cable/DSL routers" to me . . . and now, presumably, they would like to me to say something meaningful about it. Hmmmmm. That's a problem. SOHOware is also sending them out for "review" to all of the other various magazines and influential Internet consultants. But what are those guys going to say? What CAN they say? It's a nice color of blue? It has a longer power cord than the Linksys and D-Link NAT routers? The retail packaging seems a bit bigger than it needs to be? Nice user's guide?
we really want, but that's much more tricky.
You know me. If I have any choice I don't want to just regurgitate their specs and press propaganda. (Which is what I'm afraid everyone else will pretty much be forced to do.) For example, the SOHOware "Reviewer's Guide" states:
I can see how running an Internet server behind the router could expose the user to Denial of Service (DoS) vulnerability (since you have a machine accepting unsolicited anonymous connections), in which case having a DoS-resistant gateway would be really useful. But since all NAT clients should have a software firewall anyway, isn't that enough? Or is it? No one knows. Yet.
Is a software firewall as good as one in hardware? I think we ought to know. Can I make a Linksys or D-Link NAT router melt down and smoke, while SOHOware's router laughs in my face? Can I design an exploit to deliberately penetrate a non-stateful packet inspection NAT router which would be stopped cold by a packet inspector? It seems to me it's my job to find out . . . then tell the world something truly meaningful about such a comparison. That's when . . .
missing an Internet Torture Test Device.
We need to be able to subject our computers, firewalls both software and hardware and other Internet devices to variable-intensities of Denial of Service attacks, ping-of-death floods, storms of deliberately fragmented packets and anything else we can imagine in order to find out exactly how well they perform when they are actually under fire. Unless we do that, we're really just responding to slick marketing.
For this reason . . . The ASSIMILATOR was born.
while simulating and monitoring the behavior of an innocent client.
Using a pair of independent, high-performance, 10/100-baseT NIC interfaces to simulate any network configuration, The ASSIMILATOR can easily simulate a much harsher network environment than any personal computer or WAN-connected device could ever experience in real life. Thanks to the custom NanoProbe TCP/IP protocol stacks, The ASSIMILATOR can "wrap around" a NAT router, simultaneously interconnecting to both its WAN and LAN interfaces, to simultaneously simulate the presence of remote Internet servers and local Internet clients. It can assault any device's TCP/IP stack with a fully-saturated 100-Megabit Ethernet stream of nightmare packet traffic . . . while monitoring the device's responses and performance.
to find out how well our toys work.
. . . and so on.
devices REALLY work . . . and which are just toys.
Gibson Research Corporation is owned and operated by Steve Gibson. The contents
of this page are Copyright (c) 2014 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
|Last Edit: Oct 06, 2003 at 13:32 (4,163.45 days ago)||Viewed 17 times per day|