|Main Archive Page > Month Archives > focus-ids archives|
Try Tcpreplay - http://tcpreplay.synfin.net/trac/
Andrew Hay, RHCE, GSEC, GCIA, GCIH, CISSP
Security Analyst CAPITAL G Limited
25 Reid Street
P.O. Box HM 1194
Hamilton HM EX
From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of ????????? ????? Sent: Tuesday, December 02, 2008 7:18 PM To: firstname.lastname@example.org
Subject: IDS testing. Libs for packet capture.
I have been working in IDS testing. Now I'm focused on testing network modules, like Snort, netstat, ect. I search for a tools to play traffic from tcpdumps. Is anyone in the group working on something like that? The idea is to develop some libpcap-like lib for playing tcpdumps. The question is: had it been already done? Are there any other common libs for packet captureing used in common IDSs?
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
The information in this Internet e-mail, including attachments, contains information that is confidential and may be protected by attorney client privileges. This email, including attachments, constitutes non-public information intended only for the use of the designated recipient(s) to which it is addressed and may contain legal or financial information which is privileged, confidential or subject to copyright. Access by any other person to this Internet e-mail is not authorized. If you are not the intended recipient, please delete this Internet e-mail, including attachments, immediately and notify the sender by return email. Any disclosure of this Internet e-mail, including attachments, or of the parties to it, or copying, distribution or any action taken or omitted to be taken in reliance on it is prohibited, and may be unlawful.