Network Intrusion Generater

From: Rick Zhong (isc00801@nus.edu.sg)
Date: 08/12/02


From: "Rick Zhong" <isc00801@nus.edu.sg>
To: <security-basics@securityfocus.com>, <honeypots@securityfocus.com>, <slugnet@lists.lugs.org.sg>
Date: Mon, 12 Aug 2002 18:54:25 +0800

hi, everyone
I have this idea in mind for qutie sometime but i am not sure whether it is
feasible technically.

I am thinking of building a virtual network intrusion generater. The reason
i call it virtual is that it does not attack any real target. What it did is
attack a non-existant IP/Host and generate all the necesary packets.
Meanwhile the local IDS will block all these packets and capture them for
studying and analyizing.

Up to now, i find that it's quite impossible to generate packets against a
non-existing IP/Host. (i am not very sure yet hope to get your comment .)

So the alternative way i am thinking is using real target IP and
block/capture the outgoing packets before they are released to the network.
Please comment and give any advice or suggestions you are thinking of. Also
any related info (like blocking outgoing packets etc.) are greatly
appreciated. Thank you.

regards,
Rick