Snort mailing list archives
RE: Snort IIS Signature Tester for Windowz
From: "Hicks, John" <JHicks () JUSTICE GC CA>
Date: Thu, 11 Jul 2002 13:08:31 -0400
Cool idea, though i'm not sure why ... both Whisker and Nikto (based on lib whisker) are very well supported and include a wealth of attack strings for almost every O/S, and are mostly regarded as the defacto standard for web server testing. whisker: http://www.wiretrip.net/rfp/p/doc.asp/i7/d21.htm nikto: http://www.cirt.net/code/nikto.shtml As for the problem with some signatures ... have you tried using netcat to connect to the server insteaad of wget? just some thoughts, John -----Original Message----- From: Scot Scot [mailto:scotw () hotmail com] Sent: Thursday, July 11, 2002 12:40 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Snort IIS Signature Tester for Windowz Alrighty folks, a little testing tool that runs on the windows platform to share here. Its just something I threw together real quick. You will need to re-name httpattack to httpattack.bat. Also you will need wget.exe (ported to Windows). You can get it from: http://unxutils.sourceforge.net/ *nix~ers, you should be able to run this bad-boy as well; direct from your shell of choice. CAUTION!! This tool will trigger alerts in Snort and several other IDS's. Do NOT use without authorization. Read the ReadMe.txt for a description and instructions. Any feedback or ideas for improvements are welcome. Thank~Ya, Scot Wiedenfeld "It's All About The Pentium" -Weird Al ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek PC Mods, Computing goodies, cases & more http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort IIS Signature Tester for Windowz Scot Scot (Jul 11)
- <Possible follow-ups>
- RE: Snort IIS Signature Tester for Windowz Hicks, John (Jul 11)