On 2/27/06, Byron Sonne <[EMAIL PROTECTED]> wrote: > The tools that come to mind for me are 'stick' and 'snot': > http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0096.html
Unless someone updated stick & snot to actually send both client & server side of the traffic, it's a bogus test because recent versions of snort (actually for well over a year now) look for a full TCP three way setup. For more info, read the snort faq about stick & snot: http://www.snort.org/docs/faq.html There's a lot of tools available for performance testing and a lot of research on methodologies... I suggest you search the list archives since this topic comes up about once a week. -- Aaron Turner http://synfin.net/ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
