RE: Generating Traffic to Stress Test IDS

From: Turner, Elliot (eturner@intrusion.com)
Date: 01/24/02 

From: "Turner, Elliot" <eturner@intrusion.com>
To: "'Chad Gough'" <chad131@yahoo.com>, focus-ids@lists.securityfocus.com
Date: Thu, 24 Jan 2002 14:34:03 -0600

A NIDS is a complex system that can be tested in a variety of different
ways. One can attempt to stress the packet capture facilities of such a
system with a "packet-blaster" tool such as Smartbits, or use session
generation tools to stress the actual analysis portions of a system.

Antara.net makes a product called "FlameThrower" that can generate true
application-layer network traffic.

This type of system stresses the TCP connection reassembly and context
analysis features of a NIDS. It supports generation of traffic for a
variety of different protocols, including HTTP, DNS, SMTP, etc.

Packet capture and context analysis facilities are only two examples of
facilities that can be stressed during a NIDS performance test. Other
options include stress testing the NIDS logging facilities (to determine
event/sec performance information), notification facilities, etc.

Regards,

Elliot Turner

-----Original Message-----
From: Chad Gough [mailto:chad131@yahoo.com]
Sent: Thursday, January 24, 2002 9:27 AM
To: focus-ids@lists.securityfocus.com
Subject: Generating Traffic to Stress Test IDS

Does anyone know of any good tools that can generate alot of network
traffic to see at what point an IDS starts dropping packets?

Thanks,
Chad

__________________________________________________
Do You Yahoo!?
Great stuff seeking new owners in Yahoo! Auctions!
http://auctions.yahoo.com