RE: Test scripts for NIDS

[John Madden <chiwawa999 () yahoo com>]

I've gotten alot of suggestions to test the
signatures, i've got some to test the load but they
were $$$, anything out there for free ?

With a software and not an appliance how does one test
the load to know when the IDS can no longer verify
packets and they are being dropped ? Is this included
in the software ?

Thanks again everyone :)


> > -----Original Message-----
> > From: Bénoni MARTIN
> [mailto:Benoni.MARTIN () libertis ga]
> > Sent: August 31, 2004 09:05
> > To: John Madden; pen-test () securityfocus com
> > Subject: RE: Test scripts for NIDS
> <SNIP>
> > I know there is a tool that generates Snort's
> alerts, but I 
> > just cannot remeber it's name :(
> The tool you're talking about is called "SNOT". You
> can find it
> here: http://www.stolenshoes.net/sniph/index.html
>
> From the file 'snot-0.92a-README.txt' post at that
> URL:
>
> "Snot is an arbitrary packet generator, that uses
> snort rules
> files as its source of packet information. It
> attempts at all
> times to randomise information that is not contained
> in the
> rule, to hamper the generation of 'snot detection'
> snort rules.
>
> It can be used as an IDS evasion tool, by using
> specific decoy
> hosts, or just something to keep your friendly IDS
> monitoring
> staff busy.
>
> It has been tested to run on *BSD, Linux, Win2k,
> NT4.0 and Win98."
>
> I hope this helps,
> Alex Arndt
------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our
> class sizes are
> guaranteed to be 12 students or less to facilitate
> one-on-one interaction
> with one of our expert instructors. Check out our
> Advanced Hacking course,
> learn to write exploits and attack security
> infrastructure. Attend a course
> taught by an expert instructor with years of
> in-the-field pen testing
> experience in our state of the art hacking lab.
> Master the skills of an
> Ethical Hacker to better assess the security of your
> organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
>
-------------------------------------------------------------------------------
>



        
                
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail 

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------