|
IDS
mailing list archives
RE: IDS Testing Method
From: "M Shirk" <shirkdog_linux () hotmail com>
Date: Wed, 21 Jul 2004 07:17:49 -0400
If it is snort, you can use sneeze.pl to generate alerts. Also the common
way to test the IDS is to use a vulnerability scanner like Nessus and scan a
box, then run TCPDUMP and compare the packet count to make sure you are not
dropping packets.
If you are speaking of signatures, I usually just create or compile the
exploits to make sure I am alerting on the traffic.
Shirkdog
-----Original Message-----
From: tonavtejkohli () hotmail com [mailto:tonavtejkohli () hotmail com]
Sent: Tuesday, July 20, 2004 6:48 AM
To: focus-ids () securityfocus com
Subject: IDS Testing Method
Importance: Low
Hi Lists,
I'm trying to find out ways of testing different IDS systems. Is there any
way, recommended'/best practice methodology for testing Network based IDS
(NIDS)
?
It would be very nice of you if anyone can give me some technical hints.
Any information - papers, tools, links and own experience are much
appreciated.
Hoping for a reply soon from your side.
Regards,
NAVTEJ KOHLI
_________________________________________________________________
Discover the best of the best at MSN Luxury Living. http://lexus.msn.com/
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
