Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Simulating Retransmissions

from [Christian Kreibich] Network Security [Permanent Link]
Subject: Re: Simulating Retransmissions
Date: Mon, 17 Apr 2006 23:25:14 +0100 
Hi Mike,

I'd suggest recording a raw form of suitable traffic via tcpdump, then
editing it according to your needs, and then replaying it onto your
network using tcprelay or similars. Netdude (netdude.sf.net) is ideal
for creating small, specific patterns for tickling your IDS. It was the
main purpose we developed it for when working on traffic normalization
years ago. You're very welcome to pop by our mailing list in case you
have any questions.

Good luck,
Christian.

On Sun, 2006-04-16 at 13:49 -0400, Mike Gibson wrote:

Or does anyone know of a proxy application like Achilles or Burp that
works at the TCP level so that I could just drop the ACK packets while
they were on their way out of the client machine?

On 4/13/06, Mike Gibson <micheal.gibson@gmail.com> wrote:

Hi everyone,

I need to have a server application retransmit some TCP packets to my
client to test my IDS.


-- 
________________________________________________________________________
                                          http://www.cl.cam.ac.uk/~cpk25
                                                    http://www.whoop.org


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IPS false negatives, Thomas Choi
Next by Date:  Re: IDS vs. IPS deployment feedback, Aaron
Previous by Thread:  Re: Simulating Retransmissions, Mike Gibson
Next by Thread:  RE: IPS false positives, Basgen, Brian
Indexes:  [Date] [Thread] [Top] [All Lists]