IDS: Re: SNORT Testing

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

IDS mailing list archives

Re: SNORT Testing

From: Byron Sonne <blsonne () rogers com>
Date: Wed, 01 Mar 2006 21:56:07 -0500

The tools that come to mind for me are 'stick' and 'snot':
http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0096.html


Folks... I never said they were good tools!

As far as I'm concerned, the only test that matters is a real world one.Every network is different, sometimes radically, and I don't see much ofa point trying to generalize these kinds of things with a test suite.


Artificial tests give you artificial results.

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?

Find out quickly and easily by testing itwith real-world attacks from CORE IMPACT.Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708to learn more.

------------------------------------------------------------------------

By Date By Thread

Current thread:

Re: SNORT Testing Martin Roesch (Mar 01)
- Re: SNORT Testing Eric Hines (Mar 03)
- <Possible follow-ups>
- Re: SNORT Testing Richard Bejtlich (Mar 01)
  - Re: SNORT Testing Dirk Geschke (Mar 03)
- Re: SNORT Testing Aaron Turner (Mar 02)
- Re: SNORT Testing Byron Sonne (Mar 02)
  - RE: SNORT Testing Terry Vernon (Mar 03)
    - Re: SNORT Testing Stefano Zanero (Mar 09)