Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: SNORT Testing

from [Stefano Zanero] Network Security [Permanent Link]
Subject: Re: SNORT Testing
Date: Sat, 25 Feb 2006 12:12:55 +0100 
sshamay@netvision.net.il wrote:

We are doing some performance tests on “snort” .


Good luck !


The tests are focused on measuring the throughput rates of snort under 
different mixture of traffic (good traffic + a percentage of malicious 
traffic)


"I have no idea which is a good performance measure for an IDS, but I
have an exact idea which ISN'T the right one: packets per second".

I am citing from memory, so I might be wrong, but this is a famous quote
by Marcus Ranum, which I wholeheartedly adhere to.


I need your help, how should be the test environment, which tools to use etc.


<shameless_plug>
You can see some tinkering on the matter from my presentation at Black
Hat Federal:
http://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Zanero.pdf
</shameless_plug>

-- 
Cordiali saluti,
Stefano Zanero
Dottorando di Ricerca / Ph.D. Student

Politecnico di Milano - Dip. Elettronica e Informazione
E-mail: zanero@elet.polimi.it
Web:    www.elet.polimi.it/upload/zanero

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Terminology: Inline IDS, IPS and Application Layer Firewall, Andreas Hess
Next by Date:  Re: Testing IDS with tcpreplay, Stefano Zanero
Previous by Thread:  SNORT Testing, sshamay
Next by Thread:  Re: SNORT Testing, Byron Sonne
Indexes:  [Date] [Thread] [Top] [All Lists]