Re: Testing IDS/IPS Solutions

[Andres Riancho <andres.riancho () gmail com>]

You could use tcpsic for testing how well the appliance handles 
fragmented packets, you could use nikto and nessus to see how many 
attacks each one detects and finally you could setup a lab with two PC's 
and try to exploit a know vuln with metasploit to see how well  the  
appliance handles real attacks. There are also some tools that do a HTTP 
GET flood, that could be interesting to test also.

Jimmy Stewpot wrote:

> Hello,
>
> I am currently evaluating some UTM devices (fortinet, SonicWALL etc as 
> per my previous posts). So far my testing has been fairly limited. I 
> am currently looking to see if there are any tools around to test 
> these types of devices, Currently my testing is all done through basic 
> perl scripts however the information I get back from them is not 
> really ideal, Any ideas or recommendations would be greatly appreciated.
>
> Regards,
>
> Jimmy.
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it with real-world attacks from 
> CORE IMPACT.
> Go to 
> http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to 
> learn more.
> ------------------------------------------------------------------------


--
         Andres Riancho
     www.securearg.net <http://www.securearg.net/>
  /Secure from the source/

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------