Post Build Application Services Testing

Table of Contents
  • Connectivity
  • Firewall rulesets (PF)
  • Postfix / Sendmail
  • OpenVPN

There are precious few tools for full automation tests for the functionality, security, et. al. of most applications/services. As we come across a systematic process for testing hosts, services we'll document them here.

Post build testing should be a sequence of well defined test sequences for each application service, depending on the key parameters important for that application (e.g. maintainability, security, performance.)

Connectivity

Base tools for diagnosis of system level failures include:

  • dmesg
  • pcidump
  • usbdevs
  • netstat
  • nmap
dmesg

dmesg displays the contents of the system message buffer. It is most commonly used to review system startup messages.

/var/run/dmesg.boot contains the dmesg at boot time.

pcidump -v

The pcidump utility displays the device address, vendor, and product name of PCI devices. When no arguments are given, information on all PCI de- vices in the system is shown; otherwise a single PCI domain or device may be specified.

usbdevs -v

usbdevs prints a listing of all USB devices connected to the system with some information about each device. The indentation of each line indi- cates its distance from the root.

netstat -m

The netstat command symbolically displays the contents of various net- work-related data structures. There are a number of output formats, de- pending on the options for the information presented.

Show statistics recorded by the memory management routines (the network manages a private pool of memory buffers).

Postfix / Sendmail

Known Test centers: vulnerability, performance

Test Suites:

  • performance: smtp-benchmark from ports/benchmarks
  • nmap from ports/net
  • relay: telnet
  • mail reciept: review logs (/var/log/maillog), telnet, mta client
  • mail delivery: review logs (/var/log/maillog), mta client

Firewall rulesets

Known Test centers: vulnerability, performance, traffic route

Test Suites:

  • tcpbench from base
  • tcpblast from ports/benchmarks
  • netcat from base
  • nmap from ports/net
  • review route tables, arp tables
  • review tcpdump -nettti pflog0
  • review tcpdump -nettti interface-in, CARP-in
  • review tcpdump -nettti interface-out, CARP-out
  • review tcpdump -nettti @ source host
  • review tcpdump -nettti @ destination host

OpenVPN

Known Test centers: Traffic route, vulnerability, performance

Test Suites:

  • tcpbench from base
  • tcpblast from ports/benchmarks
  • netcat from base
  • nmap from ports/net
  • review route tables, arp tables
  • review tcpdump -nettti pflog0
  • review tcpdump -nettti interface-in, CARP-in
  • review tcpdump -nettti interface-out, CARP-out
  • review tcpdump -nettti @ tunnel device source host
  • review tcpdump -nettti @ tunnel device destination host
  • review tcpdump -nettti @ source host
  • review tcpdump -nettti @ destination host

Refer to OpenVPN notes for further information.