Re: Slightly OT: high speed packet generation software

[Dirk Geschke <Dirk () geschke-online de>]

Hi Douglas,

> I'm curious to know what everyone else uses for high speed packet 
> generation. I'm not so much interested in single packets, but rather, 
> something that can generate a lot of traffic. Noise is irrelevant, as I'm 
> an looking to do IDS testing. I've looked a little at a few on freshmeat 
> (packETH, pacgen, http_load) but have no experience with any of them. By 
> high speed, I mean something that'll push 100Mb/s, and (hardware allowing) 
> 1Gb/s
>
> Ideally, it would be nice to have something that emulated sessions between 
> a couple of ip addresses, but I'll take a variety of packet generation.

the false-positive-generator fpg is able to generate false positive
network packets based on a snort.conf file. This programs reads the
rules of the snort.conf file and tries to generate a network packet
with all parts necessary to generate an alert. 

The program is able to generate traffic much faster than your network
(at least more than 100 Mb/s on an actual computer. I never had a 
gigabit network so far...)

To compile the program you need libnet-1.1 or higher. The sources of
fpg are part of the FLoP project (http://www.geschke-online.de/FLoP).
On this page you can find a compiled version of fpg for linux/x86.

Best regards

Dirk



This program is par



-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?  SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users