IDS mailing list archives
RE: Snort signature packet generator
From: "Jeff Dell" <jdell () activeworx com>
Date: Mon, 8 Nov 2004 10:27:22 -0500
You might want to take a look at stick or snot... They can be found at: Snot: http://www.stolenshoes.net/sniph/index.html Stick: http://www.eurocompton.net/stick/projects8.html http://www.securityfocus.com/tools/1974 Jeff
-----Original Message----- From: Graeme Connell [mailto:gconnell () middlebury edu] Sent: Friday, November 05, 2004 12:29 PM To: focus-ids () securityfocus com Subject: Snort signature packet generator I'm attempting to train a neural network using snort, and I'm having trouble getting a good number of "bad" packets, IE: those that snort considers malicious. Since a snort signature is really just a definition of a subset of all possible packets, it seems like it should be possible to create a packet that snort considers bad by filling in packet fields based on a snort signature, then filling the rest of the packet with random garbage. Does anyone know if this type of program has already been created, and if so, where could I find it? Thanks. --Graeme Connell -------------------------------------------------------------- ------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. -------------------------------------------------------------- ------------
-------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Snort signature packet generator Graeme Connell (Nov 08)
- RE: Snort signature packet generator Eric Hines (Nov 09)
- RE: Snort signature packet generator Jeff Dell (Nov 09)
- Re: Snort signature packet generator Dirk Geschke (Nov 09)
- RE: Snort signature packet generator Leandro Reox (Nov 12)
- Re: Snort signature packet generator Martin Roesch (Nov 09)
- Re: Snort signature packet generator Stefano Zanero (Nov 14)
- <Possible follow-ups>
- RE: Snort signature packet generator adam.w.hogan (Nov 09)
- Re: Snort signature packet generator ADT (Nov 12)
- Re: Snort signature packet generator Derek Armstrong (Nov 09)
- RE: Snort signature packet generator Simon and Lori Chang (Nov 12)