Re: Test scripts for NIDS

From: Jose Maria Lopez (jkerouac@bgsec.com)
Date: Tue Aug 31 2004 - 16:23:33 EDT

• Next message: Jose Maria Lopez: "RE: listing directory structure within webserver root"
• Previous message: Philip Wagenaar: "Betr.: Craking Serv-u passwords stored in .ini file."
• In reply to: John Madden: "Test scripts for NIDS"
• Next in thread: Bénoni MARTIN: "RE: Test scripts for NIDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

El lun, 30 de 08 de 2004 a las 20:59, John Madden escribió:
> Hi all,
>
> I'm looking for tools that can test the effectiveness
> of an NIDS like:
>
> - How much load can it take before dropping packets ?
> - What attacks can it detect or not detect
>
> etc...
>
> Any suggestions would be appreciated.
>
> Thanks

It all depends of what NIDS you are talking about. For snort
I use a combination of Nessus checks, the Metasploit project,
a set of exploits I've been taking from the web and my own
fabricated attacks with hping2, nmap or whatever I think could
be useful.

I know there are commercial applications that can do this job,
but I can't afford them and the combination I have cited works
quite well.

To see how much packets it can eat at a time I watch the snort
logs but until now I have not made really serious work in that
aspect so I can't give you advise.
 

-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

• Next message: Jose Maria Lopez: "RE: listing directory structure within webserver root"
• Previous message: Philip Wagenaar: "Betr.: Craking Serv-u passwords stored in .ini file."
• In reply to: John Madden: "Test scripts for NIDS"
• Next in thread: Bénoni MARTIN: "RE: Test scripts for NIDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:02 EDT