This article can also be found in the Premium Editorial Download "Information Security magazine: Five crucial virtualization do's and don'ts."
Download it now to read this article plus other related content.
Mu offers one of the best fuzzing engines available and a comprehensive set of published vulnerabilities.
The system watches for service availability and response time during an attack, using a variety of instrumentation and monitoring options, including checking for system availability, service responsiveness, system log monitoring and more. When a fault is encountered, the Mu Analyzer supports stepping through groups of traffic and individual packets to determine which combinations of settings caused the problem.
Given the increased types of tests and greater flexibility, creating a custom test involves numerous steps setting up the appropriate protocols, choosing from a myriad of options, and configuring the appropriate monitoring and instrumentation of the target device.
The GUI is organized to walk you through the various steps for configuration, but building custom tests is not for
| the faint of heart. To help, Mu has added the ability to create test templates, XML files that simplify creating and customizing an attack scenario.
All of the options for a given test can be saved as a template and exported from one Mu-4000 and imported into another. In addition, Mu ships dozens of pre-baked complex test templates in the product, with new templates released periodically.
The documentation is voluminous, but well written and illustrated, walking users through the complex setup and explaining the report format well.
Mu's reports are easily understood, providing overall graphical representations of the test traffic generated, and the responsiveness of the target system under attack.
The Mu-4000 generates executive summary reports and assigns a letter grade based on faults and performance issues. Detailed metrics include not only service or system crashes, but also response time problems and the particular attack traffic that caused each problem.
The Mu-4000 offers comprehensive security testing, providing deep insight into how systems will fare under a barrage of attack traffic of all types.
Testing methodology: We configured the Mu-4000 to send a variety of packet mutations, published vulnerability attack vectors and denial-of-service attacks through a switch, router and network-based IPS device against a vulnerable target system running a variety of services, including Windows File and Printer Sharing, and a Web server.
This was first published in June 2008