|
IDS
mailing list archives
RE: Snort signature packet generator
From: "Jeff Dell" <jdell () activeworx com>
Date: Mon, 8 Nov 2004 10:27:22 -0500
You might want to take a look at stick or snot... They can be found at:
Snot: http://www.stolenshoes.net/sniph/index.html
Stick: http://www.eurocompton.net/stick/projects8.html
http://www.securityfocus.com/tools/1974
Jeff
-----Original Message-----
From: Graeme Connell [mailto:gconnell () middlebury edu]
Sent: Friday, November 05, 2004 12:29 PM
To: focus-ids () securityfocus com
Subject: Snort signature packet generator
I'm attempting to train a neural network using snort, and I'm having
trouble getting a good number of "bad" packets, IE: those that snort
considers malicious. Since a snort signature is really just a
definition of a subset of all possible packets, it seems like
it should
be possible to create a packet that snort considers bad by filling in
packet fields based on a snort signature, then filling the
rest of the
packet with random garbage. Does anyone know if this type of program
has already been created, and if so, where could I find it? Thanks.
--Graeme Connell
--------------------------------------------------------------
------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world
attacks from
CORE IMPACT.
Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------
------------
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
| 
Intro
