Snort mailing list archives
RE: RE: testing ids
From: Latha K <latha_lkris () yahoo com>
Date: Tue, 18 Mar 2003 10:34:04 -0800 (PST)
I have developed a tool some time back which parses the snort 1.8.7 signature files and uses the information to generate attacks. Currently it can send HTTP, ICMP and UDP traffic. It opens a HTTP session with a web server and sends a attack in each session. You can download the tool from Ihttp://www.geocities.com/latha_lkris/ -lkris
http://www.sans.org/rr/intrusion/
sans is always a good source, also read around and follow links from >snorts page, or maybe outsource and throw some work on over to >sourcefire if you can.
:)
-----Original Message----- From: Benjamin Hippler [mailto:benjamin.hippler () siemens com] Sent: Monday, March 17, 2003 12:15 PM To: snort-users () lists sourceforge net Subject: RE: [Snort-users] RE: testing ids Dear All, Has anyone experience with very large IDS implementations? Where can I find whitepapers, best practices,.. about this topic? Thanks in advance, Benjamin
--------------------------------- Do you Yahoo!? Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
Current thread:
- RE: testing ids, (continued)
- RE: testing ids Jan van den Berg (Mar 14)
- RE: testing ids Ashley Thomas (Mar 14)
- RE: testing ids Ray Ellington (Mar 14)
- testing ids Julio (Mar 17)
- RE: testing ids Brian Laing (Mar 17)
- RE: RE: testing ids Benjamin Hippler (Mar 17)
- Very Large IDS implementations (was Re: RE: testing ids) Bennett Todd (Mar 17)
- Re: Very Large IDS implementations (was Re: RE: testing ids) Andrea Barisani (Mar 17)
- Very Large IDS implementations (was Re: RE: testing ids) Bennett Todd (Mar 17)
- RE: RE: testing ids Benjamin Hippler (Mar 17)
- RE: RE: testing ids Miller, Eoin (Mar 17)
- RE: RE: testing ids Latha K (Mar 18)
- RE: testing ids Latha K (Mar 18)