IDS mailing list archives
RE: IDS testing. Libs for packet capture.
From: "Andrew Hay" <ahay () capitalg bm>
Date: Wed, 3 Dec 2008 16:20:47 -0400
Try Tcpreplay - http://tcpreplay.synfin.net/trac/ Andrew Hay, RHCE, GSEC, GCIA, GCIH, CISSP Security Analyst CAPITAL G Limited 25 Reid Street P.O. Box HM 1194 Hamilton HM EX Bermuda +1.441.294.2468 Direct +1.441.296.6853 Fax +1.441.300.0063 Cell ahay () capitalg bm www.capital-g.com -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of ????????? ????? Sent: Tuesday, December 02, 2008 7:18 PM To: focus-ids () securityfocus com Subject: IDS testing. Libs for packet capture. All, I have been working in IDS testing. Now I'm focused on testing network modules, like Snort, netstat, ect. I search for a tools to play traffic from tcpdumps. Is anyone in the group working on something like that? The idea is to develop some libpcap-like lib for playing tcpdumps. The question is: had it been already done? Are there any other common libs for packet captureing used in common IDSs? --- Saiko Alexander ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------ The information in this Internet e-mail, including attachments, contains information that is confidential and may be protected by attorney client privileges. This email, including attachments, constitutes non-public information intended only for the use of the designated recipient(s) to which it is addressed and may contain legal or financial information which is privileged, confidential or subject to copyright. Access by any other person to this Internet e-mail is not authorized. If you are not the intended recipient, please delete this Internet e-mail, including attachments, immediately and notify the sender by return email. Any disclosure of this Internet e-mail, including attachments, or of the parties to it, or copying, distribution or any action taken or omitted to be taken in reliance on it is prohibited, and may be unlawful.
Current thread:
- IDS testing. Libs for packet capture. Александр Сайко (Dec 03)
- RE: IDS testing. Libs for packet capture. Andrew Hay (Dec 03)
- Re: IDS testing. Libs for packet capture. Stefano Zanero (Dec 03)
- Re: IDS testing. Libs for packet capture. Skyler . Bingham (Dec 03)
- RE: IDS testing. Libs for packet capture. Koconis, David (Dec 04)
- Re: IDS testing. Libs for packet capture. Sethsec (Dec 08)