Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Triggering IDS

From: bart () packetjunkie com
Date: Thu, 16 Mar 2006 13:21:07 -0700

Adam, 
  
Blade Software's IDS Informer
(http://www.bladesoftware.net/prod_ids.html) - This is a decent
commercial tool available to test the effectiveness of your IDS/IPS. 
It worked quite well when I used it.  They have a lot of "attacks" to
choose from to throw at the IDS.  The cool part about the tool is that
you can pitch/catch the packets between two NICs on the same system.   
  
If you're looking for a free way to do this, I would suggest capturing
some real attacks and use TCP replay.  Also, you could use Snot (yes
spelled right), but this tool is somewhat primitive in what it can do. 
The replaying of packets usually works the best since you know exactly
what you are sending.   
  
In my opinion though, if you have the money to spend, Blade is
definitely the way to go.  It works great for just this problem. 
  
-Bart


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: