On Thu, Jan 24, 2019 at 03:49:46PM -0000, adamv0025@netconsultings.com wrote:
This actually makes me thing that it might be worthwhile including these types of test to the regression testing suite. So that every time we evaluate new code or vendor we don't only test for functionality, performance and scalability, but also for robustness i.e. sending a whole heap of trash down the sockets which are accessible form the Internet (via the iACL holes), to limit the scope of the test.
Rather than relying on experiments to notify us the hard way that something is not right.
adam
I agree. It seems to me that testing with almost-valid data (well formed, but with disallowed values) as well as fuzz-testing are essential parts of software quality control. - Brian