Snort mailing list archives

Re: Traffic generator


From: Dirk Geschke <dirk () geschke-online de>
Date: Wed, 7 Jul 2004 20:19:13 +0200

Hi Praveen

Can anyone of you let me know if there is any traffic
generator for generating TCP, UDP and IP packets where
we can configure the packet. In snort signatures there
is a field "Content" which shows the content of the
packet.

If you are only interested in creating network packets
which could raise an alert then maybe you should take
a look at fpg (false-positive-generator) which is part
of FLoP:

http://www.geschke-online.de/FLoP/fpg.8.html

This little program will try to create a network
packet based on snort rules. Currently not all options
are useable, especially pcre, byte_test and byte_jump
do not work.

But note: To create TCP alerts you have to disable the
stream4 preprocessor. Otherwise all packets get discarded
because they are not part of an established session. But
of course ICMP, IP and UDP should still generate alerts.

Best regards

Dirk
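
The idea described in the message above, turning a rule's content options into a packet payload for testing a sensor, shown as an added example that is not fpg's code and not part of the original post. It handles only content, offset and distance, reports the options the post lists as not working, and uses a constructed rule in the comment; the filler byte and all function names are assumptions.

```python
import re

UNSUPPORTED = {"pcre", "byte_test", "byte_jump"}  # options the post says fpg cannot use
OPTION = re.compile(r'(\w+)\s*(?::\s*(!?"(?:\\.|[^"\\])*"|[^;]*))?\s*;')

def decode_content(pattern):
    """Decode a content pattern: literal text mixed with |hex bytes| sections."""
    out = bytearray()
    for i, part in enumerate(pattern.split("|")):
        if i % 2:   # odd segments sit between pipes and hold hex bytes
            out += bytes.fromhex(part.replace(" ", ""))
        else:       # even segments are literal text; backslash escapes ; " and \
            out += re.sub(r"\\(.)", r"\1", part).encode("latin-1")
    return bytes(out)

def build_payload(rule):
    """Return (protocol, payload bytes, skipped options) for one rule."""
    header, _, body = rule.partition("(")
    proto = header.split()[1]
    contents, skipped = [], []
    for key, val in OPTION.findall(body):
        if key in UNSUPPORTED or (key == "content" and val.startswith("!")):
            skipped.append(key)            # cannot be satisfied by this sketch
        elif key == "content":
            contents.append({"data": decode_content(val[1:-1])})
        elif key in ("offset", "distance") and contents:
            contents[-1][key] = int(val)   # modifiers apply to the preceding content
    payload, end = bytearray(), 0
    for c in contents:
        # an absolute offset wins; otherwise place relative to the previous match
        start = c.get("offset", end + c.get("distance", 0))
        payload.extend(b"X" * (start + len(c["data"]) - len(payload)))  # filler (assumed)
        payload[start:start + len(c["data"])] = c["data"]
        end = start + len(c["data"])
    return proto, bytes(payload), skipped

def needs_stream4_disabled(proto):
    """Per the post: a lone TCP packet is discarded unless stream4 is disabled."""
    return proto.lower() == "tcp"

# Constructed rule, for illustration only:
# alert tcp any any -> any 80 (msg:"constructed"; content:"GET "; offset:0;
#   content:"|0d 0a|Host"; distance:3; pcre:"/foo/"; sid:1000001;)
```

Anything returned in the skipped list means the generated payload may not trigger the rule, so a missing alert for such a rule says nothing about the sensor.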

