IDS mailing list archives
Re: Traffic logs to help with IDS testing and development
From: SCC <scc () globaldataguard com>
Date: 11 Feb 2003 17:51:44 -0600
Try the Honeypot Porject for very good packet captures On Mon, 2003-02-10 at 19:17, Brennen Reynolds wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello All, I have been tasked with assembling a collection of packet captures to be used in an IDS testing and development project. I have spent some time on Google but only encountered limited success. Thus far I have found the DefCon 9 captures as well as the traditional data set from the Lincoln Labs used in the 1999 evaluations. I know that the Shmoo group tried to capture the DefCon 10 CTF but only got the packet headers (which isn't very helpful). I found an old message from Ron Gula stating he had put up the captures for DEFCON 8, DEFCON 7, SANS 2000 ID-NET and SANS 1999 ID-NET, but the link is now dead. If anyone has any pointers to packet captures in TCPdump or any other easy to use format I would be very grateful for the pointers. Thanks. Brennen - -- Brennen Reynolds - Chief Consultant/Owner - Off-Piste Consulting, LLC Email: brennen at off-pisteconsulting dot com Voice: (209) 258-4584 WWW: http://www.off-pisteconsulting.com Fax: (209) 258-4584 PGP Fingerprint: E868 8B0D 175D 7394 E7AE 9E71 38CC 2B63 A1EB 9D9F -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPkhPKjjMK2Oh652fEQLV1gCg6f+S33rndFZq7+QGB5bU/Ama0mMAnAyY Xsmd5+jgdCvtyAYJyIVfhIhM =LJrr -----END PGP SIGNATURE-----
Current thread:
- Traffic logs to help with IDS testing and development Brennen Reynolds (Feb 11)
- Re: Traffic logs to help with IDS testing and development SCC (Feb 11)