Re: IDS Testing tool

From: Tobias Klein (tobias.klein_at_ewetel.de)
Date: 06/14/04

  • Next message: Ian: "Re: whisker page and nidsbench page unaccessible"
    Date: Mon, 14 Jun 2004 09:34:16 +0200
    To: "Arun Vishwanathan" <arun.vishwanathan@nevisnetworks.com>, <focus-ids@securityfocus.com>
    
    

    my post from jul last year / topic ids testing tools:
    here are a frew tools to test your ids ruleset

    http://www.packetstormsecurity.nl/distributed/stick.tgz
    http://securityfocus.com/data/tools/stick.tgz
      http://www.whitehats.com/cgi/tools/BrowseTree?field=Category&separator=:&recurse=1&order=&value=Assessment%3aIDS%20Testing%20and%20Evasion
    ftp://ftp.st.ryukoku.ac.jp/pub/security/tool/snot/
    http://www.robertgraham.com/tmp/sidestep.html
    http://adam.kaist.ac.kr/~bugsy/mendax.html
    http://www.hsc.fr/ressources/outils/idswakeup/
    http://packetstorm.widexs.nl/UNIX/IDS/nidsbench/nidsbench.html

    think that will helps you

    -- newroot

    At 10:17 08.06.2004 +0530, Arun Vishwanathan wrote:

    >Hi list,
    >
    >Is anyone aware of any open source equivalent of Blade's IDS Informer
    >tool to test IDSes? I am aware that TCPReplay can be used to test IDSes
    >but then we will need to make actual attacks at least once to capture
    >the traffic. Any help would be appreciated.
    >
    >Regards,
    >Arun V
    >-------------------------------------------------------------
    >"Using encryption on the Internet is the equivalent of arranging
    > an armored car to deliver credit-card information from someone
    > living in a cardboard box to someone living on a park bench."
    > -Gene Spafford
    >-------------------------------------------------------------
    >
    >
    >
    >
    >---------------------------------------------------------------------------
    >
    >---------------------------------------------------------------------------

    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------


  • Next message: Ian: "Re: whisker page and nidsbench page unaccessible"

    Relevant Pages

    • Re: How Ironic...
      ... using it to influence your choice in IDs? ... while your living at your grandmaws LOSER! ... I know a gay guy at work that can get you the opposite, but something tells me your 200 gig drive is maxed. ...
      (alt.sports.football.pro.phila-eagles)
    • RE: IDS Informer
      ... Subject: IDS Informer ... The main difference with IDS Informer and other testing tools (such ... While the attack is happening we have a network ...
      (Focus-IDS)
    • RE: IDS Informer
      ... quickly answer you question we can target any ip address. ... on the same segment as the IDS without harming that machine. ... I was looking at the IDS Informer and noticed ... While the attack is happening we have a network ...
      (Focus-IDS)
    • RE: IDS Informer
      ... The main difference with IDS Informer and other testing tools (such ... While the attack is happening we have a network ...
      (Focus-IDS)
    • IDS Testing tool
      ... Is anyone aware of any open source equivalent of Blade's IDS Informer ... I am aware that TCPReplay can be used to test IDSes ... living in a cardboard box to someone living on a park bench." ...
      (Focus-IDS)