Robert D. Holtz wrote:
> Use the worms themselves if you're testing IDS/IPS systems.
>
> Just isolate them and setup a test system that you infect with the worms.
> Use this system to pound away at the IDS.
>
> If you need more systems you can always throw VMWare onto your test system
> and create them virtually.
>
> Nothing better to test with than the real thing!
Excellent idea, Robert! The only problem is scalability, which you already
hinted at. It'd take a lot of VMs to generate the kind of traffic I'm
looking for ;)
-jp
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Received on Aug 21 2006
Intro
