Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Worm attack generation tools

from [Joey Peloquin] Network Security [Permanent Link]
Subject: Re: Worm attack generation tools
Date: Fri, 18 Aug 2006 07:49:48 -0500 
miaomitiff119 wrote:

Hi,:)
Does anyone know any tools which can be used to simulate attack traffic
(especially traffic pattern of worm attacks)? It is for the purpose of
testing IDSs. I've looked at PACKIT and Netcat, but they can't generate
"simultaneous" connections which is required for generating worm spreading
behaviour...(or are there any ways to use PACKIT or Netcat to generate
simultaneous connections?)

Many thanks!:)


Assuming you're wanting to test detections versus connections per second,
you might try Tomahawk.  We used it for testing NIPS, but I don't see why
you couldn't use it for IDS as well.

http://tomahawk.sourceforge.net/

It's been discussed on this list before, ad nauseam, but keep in mind,
ICSALabs rewrote most of the code for their certification program (v1.1), so
it shouldn't be considered a TippingPoint-leaning tool, as it has in the past.

-jp

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Who actually has HIDS/HIPS deployed?, Joey Peloquin
Next by Date:  IPS and Honeypot, nicolas . steven
Previous by Thread:  Re: Worm attack generation tools, Stefano Zanero
Next by Thread:  RE: Worm attack generation tools, Robert D. Holtz
Indexes:  [Date] [Thread] [Top] [All Lists]