Re: IDS testing. Libs for packet capture.
- From: Skyler.Bingham@xxxxxxxxxxxxxxxxxxxx
- Date: Wed, 3 Dec 2008 13:39:29 -0700
Have you looked at tcpreplay? It allows you to playback libpcap packet
capture files in real-time (among other things).
http://tcpreplay.synfin.net/trac/
Skyler Bingham
GIAC {GSEC, GCIH, GCIA, GCFA}, CEH
(602) 957-1650 x1139
"Александр Сайко"
<saiko.a.s@gmail.
com> To
Sent by: focus-ids@xxxxxxxxxxxxxxxxx
listbounce@securi cc
tyfocus.com
Subject
IDS testing. Libs for packet
12/02/2008 04:18 capture.
PM
All,
I have been working in IDS testing. Now I'm focused on testing network
modules, like Snort, netstat, ect. I search for a tools to play
traffic from tcpdumps. Is anyone in the group working on something
like that? The idea is to develop some libpcap-like lib for playing
tcpdumps. The question is: had it been already done? Are there any
other common libs for packet captureing used in common IDSs?
---
Saiko Alexander
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- References:
- IDS testing. Libs for packet capture.
- From: Александр Сайко
- IDS testing. Libs for packet capture.
- Prev by Date: Re: IDS testing. Libs for packet capture.
- Next by Date: Re: Worm generating network attack traffic?
- Previous by thread: Re: IDS testing. Libs for packet capture.
- Next by thread: RE: IDS testing. Libs for packet capture.
- Index(es):
