DEFENSICS Test Suites
DEFENSICS test tools have been packaged into test suites that cover the quality assurance and security readiness testing requirements of customers across several vertical markets.
| Core Internet > | Network Management > | |
| Routing > | Remote Access > | |
| VPN > | VoIP > | |
| 3G > | Digital Media > | |
| Email > | Bluetooth > | |
| WLAN > | File Systems and Storage > | |
| Industrial Automation > | Link Management > |
Core Internet
Codenomicon Defensics Core Internet test suite helps software developers, testers and administrators to search and pre-emptively eliminate security-related flaws from the implementations that create the backbone of the modern Internet and communication between the networked devices. The list includes, but is not limited to, routers, switches, firewalls, desktop and server systems, laptops, PDAs, cell phones and other mobile systems, as well as a large number of various embedded systems. Because several protocols from this category are often tightly coupled with the underlying operating system, serious flaws in handling them may easily result in total system compromises.
IPv4 (TCP, UDP, IPv4, ICMP, IGMP, ARP), IPv6 (TCP, UDP, IPv6, ICMPv6), DNS Server, DNS Client, DNS Zone Transfer, NTP (Client, Server), DHCP/BOOTP Client, DHCP/BOOTP Server, HTTP Server, HTTP Client, FTP Server, DHCPv6 Client, DHCPv6 Server
Net Management
Remote management of the networked devices is one of the areas where security, dependability and reliability are crucial. Defensics Remote Management test suite helps ensuring the implementation level security of the protocols that are used for observing, controlling and managing remote networked devices over the Internet. Back in 2002 vulnerabilities in SNMP protocol caused wide-spread industry impact. Defensics Remote Management test suite includes SNMP tests, among other protocols, for pre-emptively eliminating similar vulnerabilities from the systems deployed today.
HTTP Server, HTTP Client, TLS/SSL Server, TLS/SSL Client, Telnet Server, SSH1 Server, SSH2 Server, SNMPv1/v2 Server, SNMPv3 Server, TFTP Server, UPnP Server
Routing
Routing services in modern networks are extremely availability-critical as they often constitute a weak point for the network communications of any organization. If routing service is disrupted, all the higher-level protocols grind to a halt. Defensics Routing test suite has been designed to discover and help eradicate security-related flaws from the implementations of the routing protocols. Test suite addresses the security of the critical routing protocols, such as BGP, that, if found vulnerable, may result in large portions of the Internet to be rendered completely inaccessible.
IS-IS, DVMRP, GRE, OSPFv2, OSPFv3, PIM-SM/DM, RSVP, VRRP, BGP4, RIP, RIPng, MPLS/LDP
Remote Access
Defensincs Remote Access test suite is designed for ensuring the security and robustness of the availability-critical AAA (Authentication, Authorization and Accounting) services and protocols that are widely deployed in both fixed and mobile modern networks Typical protocols in this category, such as RADIUS and Diameter, are intended as protocols for centralized Authentication, authorization and accounting (AAA). Despite the advantages, this often constitutes a single point of failure and can result in undesired downtime and denial-of-service conditions, rendering entire networks inaccessible to their customers. Pre-emptive testing with the Defensics Remote Access helps in eliminating the threats.
EAPOL Server, PPPoE, Diameter Server, Diameter Client, LDAPv3 Server, TACACS+ Server, TACACS+ NAS, RADIUS (Server, Client), Kerberos Server
VPN
Modern organizations are increasingly spread out geographically and there is a need to provide efficient remote access methods to the company's information systems. Virtual Private Network (VPN) is usually used for this purpose. As attractive as VPN may be, it is also a big security challenge. VPN is often used for accessing the services of internal network and the data carried over it can be highly sensitive. The protocols comprising typical VPN implementations are many and complex, giving a lot of opportunities for the implementation errors. Pre-emptive testing with the Defensics VPN test suite helps in dramatically decreasing the possibility of breach by malicious attacks using malformatted input.
IPSec, SSH1 Server, SSH2 Server, TLS/SSL Server, TLS/SSL Client, ISAKMP/IKEv1, IKEv2
VoIP
Telecommunications services are usually both ubiquitous and availability-critical. Any flaws in fixed or mobile telecommunications protocol implementations can lead to widespread service disruptions. With Defensics VOIP test suite the customers can pre-emptively eliminate robustness flaws from the critical VOIP infrastructure and devices. Protocols like SIP and RTP are rapidly becoming fundamental building blocks of IP-based telephony. Because of this, the implementations must meet the challenges and threats posed by an all-IP environment. The dependability of a VOIP network and its devices should be no less than that of the traditional PSTN.
SCTP, H.248, H.323, RTSP Server, TLS/SSL Server, TLS/SSL Client, SIP UAS, SIP UAC, SigComp, RTP/RTCP/SRTP, MGCP, UPnP Server
3G
Defensics 3G test suite addesses the security and robustness of the 2.5G and 3G core networks. The most critical devices in the network, including GGSNs, SGSNs, RNCs and charging gateways converse using GTP, for which the tests are included in Defensics 3G test suite. The devices are tested through standard interfaces, including Gn and Gp. Additionally, Defensics 3G suite includes tests for various other protocols in 3G environment, including LDAP, which is used in accessing and storing security critical information such as user authentication data and IT management information. Defensics 3G is an essential tool for anyone who develops or depends on the robust functioning of 2.5G and 3G networks.
SCTP, GRE, IPSec, Diameter Server, Diameter Client, LDAP Server, TLS/SSL Server, TLS/SSL Client, SIP UAS, SIP UAC, GTPv1, GTPv0, RADIUS (Server, Client)
Digital Media
Internet is full of funny videos and images, but sometimes digital media can be deadly for the devices processing it. Anomalously crafted digital media, such as audio, video and images can be used for attacking a device and creating denial of service condition and exploits similarly to protocol attacks. Defensics Digital Media is a unique security and robustness testing solution that takes into account this attack vector that is too often ignored by the other test solutions.
Audio (AIFF, AU, AMR, IMY, MP3, VOC, WAV)
Image (BMP, GIF, JPEG, MBM, PCX, PNG, PIX, PNM, RAS, TIFF, WBMP, XBM, XPM, WMF)
Video (AVI, Quicktime, MPG1, MPG2, MPEG4)
Archive (ZIP, CAB, JAR, LHA, GZIP)
Due to its ubiquitousness, the modern society has come to depend on email and the availability of email services. This places high requirements for the quality of email protocol implementations, so that services are not disrupted by malformed data and malicious attacks. Defensics E-mail test suite has been developed for testing the e-mail service implementations for current and future security flaws and robustness problems. The suite includes tests for fundamental protocols in e-mail exchange, POP3, IMAP4 and SMTP.
POP3 Client, POP3 Server, IMAP4 Client, IMAP4 Server, SMTP Client, SMTP Server
Bluetooth
Bluetooth is often thought to be separate from the security critical systems, but that is a dangerous assumption. Consider, for example, a smartphone or PDA, Bluetooth enabled cars or medical devices. A security breach with these may lead to significan financial loss or even in the loss of life. A practical testing of 31 Bluetooth enabled devices in mid-2006 revealed less than 10% survival rate when subjected to Defensics Bluetooth robustness testing solution. Defensics Bluetooth is a testing solution of choice for the quality and security minded vendors.
L2CAP, SDP, RFCOMM, OBEX, OPP, FTP, IrMC Synch, BIP, BPP, BNEP, HFP, HSP, DUN, PBAP, FAX, AVRCP, A2DP, HCRP, HID, SAP, HFP Client, HSP Client
WLAN
Wi-Fi is one of the technologies where the adoption rate has skyrocketed and has truly changed the way we access information systems, making it increasingly location independent. Unfortunately, new technology and new usage models also bring in the new security challenges and we've already seen a number of Wi-Fi vunerabilities out in the open. In the wireless world, anything can be attacked, anyone can attack and an attacker can remain anonymous. Defensics Wi-Fi is a solution of choice for anyone wishing to ensure the security and robustness of the Wi-Fi Access Points and Wi-Fi enabled client devices.
802.11 Server, 802.11 Client, WPA1 / WPA2 Client Tester, WPA1 / WPA2 AP Tester
Link Management
Defensics Link Management test suite addresses the security and robustness of the fundamental Layer 2 protocols. Pre-emptive testing of the STP/RSTP/MST and LACP implementations in network nodes and switches ensures interruption free service and helps avoiding the costs caused by possible downtime.
File Systems/StorageRecent years have seen a steady trend towards networked data storing with Storage Area Networks (SAN) and Network Attached Storage (NAS). Traditionally, SAN systems have been isolated islands but have lately been opening up to public IP networks and moving from Fibre Channel to ethernet based iSCSI. This opens up an unprecedented amount of potential attack vectors to SAN/NAS systems that have been originally designed for high capacity and performance, with security being just an afterthought.Defensics Filesystems & Storage solution enables organizations to defend against SAN/NAS attacks and protect the critical corporate data.
