If you're going to go through the effort of capturing/replaying
traffic, you could also use tcpreplay. While it doesn't have a pretty
gui, it offers basically the same functionality for free.
Honestly though, if you want to actually use CI against a set of
hosts, then neither tcpreplay or Traffic IQ would seem to be up to the
task since they're stateless and unable to establish TCP sessions to a
target (both are designed to test inline firewalls/IPS or passive
devices like IDS). Flowreplay (part of tcpreplay 3.x) is supposed to
fill that gap, but is still alpha quality at best right now.
On 11/10/05, Tony Haywood <thaywood@karalon.com> wrote:
Jason,
Traffic IQ Pro has the ability to set a delay on a per packet or per traffic
file basis by up to 1 hour in minute, second and millisecond increments.
If you are already using Core Impact but it is not providing this capability
then you could capture the output and import the captures into Traffic IQ
for replay.
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
