Other examples of fault injectors are Bitwalk, which can be applied to any binary payload by applying a large range of values to each byte within the field; Buffer Overflow, which applies incrementally larger values to target fields and monitors for signs of a successful buffer overflow; and Cross-Site Scripting, which attempts to post executable content throughout the site and then goes back to check for its availability to the user (see the features chart for additional details).
The Protocol Modeler GUI is decent, though a few quirks prevent it from presenting a highly polished front end. All component windows are contained within the master window and can be moved around and docked and undocked, and many can be closed and later reopened. You'll want as large a monitor as possible because of the myriad subwindows and data sprawling across the screen. The transaction-editor pane hasn't been updated since we last examined the tool (more than a year ago) and still presents a clunky interface that requires the user to scroll horizontally for miles while searching for the desired field. The company promises better integration with the transaction editor in future versions. Even with a large display, working in the GUI can be a bit cramped because some of the subwindows cannot be closed, and resizing widgets can be tricky.
The fact that this hard-core network-vulnerability testing tool is housed on a Microsoft Windows platform may strike some as a bit strange. After all, cobbling together network vulnerability testing tools offering the same functionality typically means spending time with custom packet-generation libraries and a compiler on your preferred BSD or Linux platform. But it turns out that Windows is a logical choice for this tool. In terms of ease of use and familiarity, Windows GUI widgets create a familiar home for most users. Some religiously Unix-oriented network-security geeks may bristle at anything coming out of Redmond, but you can't please everyone all the time. Any NIC supported under Windows will work fine.
As for reporting, by storing the data in a SQL-based repository of the user's choice, custom reports based on specific requirements can be created outside Protocol Modeler. The built-in reports are sufficient for most testing and even include (where appropriate) rollup graphs and narrative explanations.
Crash-Test Dummies
Unfortunately, we faced some insurmountable glitches with version 3.06 (shipped to us for testing) that were especially painful given Protocol Modeler's hefty $25,000 price. The QA cycle that let this version out the door leaves us less than impressed. According to Cenzic, the changes made in 3.06 were all performance related, but the developers seem to have outsmarted themselves: Protocol Modeler frequently ran out of file handles and crashed spectacularly. Any intensive test fell prey to these faults. The company issued patches and the engineering team scrambled, but Cenzic could not fix the problems during our testing window.