IDS mailing list archives
RE: IDS Testing Method
From: "M Shirk" <shirkdog_linux () hotmail com>
Date: Wed, 21 Jul 2004 07:17:49 -0400
If it is snort, you can use sneeze.pl to generate alerts. Also the common way to test the IDS is to use a vulnerability scanner like Nessus and scan a box, then run TCPDUMP and compare the packet count to make sure you are not dropping packets.
If you are speaking of signatures, I usually just create or compile the exploits to make sure I am alerting on the traffic.
Shirkdog -----Original Message----- From: tonavtejkohli () hotmail com [mailto:tonavtejkohli () hotmail com] Sent: Tuesday, July 20, 2004 6:48 AM To: focus-ids () securityfocus com Subject: IDS Testing Method Importance: Low Hi Lists, I'm trying to find out ways of testing different IDS systems. Is there any way, recommended'/best practice methodology for testing Network based IDS (NIDS) ? It would be very nice of you if anyone can give me some technical hints. Any information - papers, tools, links and own experience are much appreciated. Hoping for a reply soon from your side. Regards, NAVTEJ KOHLI _________________________________________________________________ Discover the best of the best at MSN Luxury Living. http://lexus.msn.com/ -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- IDS Testing Method NAVTEJ KOHLI (Jul 20)
- Re: IDS Testing Method Charles Heselton (Jul 22)
- Re: IDS Testing Method michael.li (Jul 26)
- <Possible follow-ups>
- RE: IDS Testing Method M Shirk (Jul 22)
- Re: IDS Testing Method Nigel Houghton (Jul 25)
- Re: IDS Testing Method Andrea Barisani (Jul 25)
- Re: IDS Testing Method Nigel Houghton (Jul 25)
- RE: IDS Testing Method Majed Mohammed Ayoub Al-Shodari (Jul 25)
- Re: IDS Testing Method Ravi Kumar (Jul 26)