OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Simon Edwards (SEdwardstoplayer.com)
Date: Fri Jan 25 2002 - 09:00:42 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    ISS are talking about putting this into version 7, however we are TopLayer
    are also working on some management integration with ISS - so that we could
    send alerts back into the Event Collector - the obvious one would be packet
    loss.

    The initial way I am planning to set this up would probably to have a Server
    Sensor sitting off our management port listening to SYSLOG streams coming
    from our box, these alerts would then be past back to the EC. However we
    have been in discussion with ISS about using a more solid method in the
    future.

    If this is of interest to anyone let me know, and I will put it further up
    my to do list !!

    Oh and thanks for the mention ;-)

    Cheers

    Simon
    ________________________________________________
    Simon Edwards
    Technical Evangelist
    Top Layer Networks
    US Office : 508 870 1300 x230
    UK Office : +(44) 1252 748509
    UK Mobile: +(44) 7971 959170
    www: www.TopLayer.com <http://www.TopLayer.com>
    email: sedwardstoplayer.com <mailto:sedwardstoplayer.com>
     
    "Perfecting the Art of Network Security"
    ----------------------------------------------------------------------------
    --------

    -----Original Message-----
    From: Ken Pohniman [mailto:kenpohnimanyahoo.com]
    Sent: 24 January 2002 23:53
    To: 'Chad Gough'; focus-idslists.securityfocus.com
    Subject: RE: Generating Traffic to Stress Test IDS

    From what I understand, a NIDS can typically handle up to 40Mbps of traffic
    at any one time before starting to drop packets aggresively. An IDS
    Balancer, like that from TopLayer Networks, will be required, especially if
    you're talking about a GE network.

    Btw, regardless of what tool you use, does anyone knows how to check what is
    the packet drop rate on the IDS?

    Thanks!

    -----Original Message-----
    From: Chad Gough [mailto:chad131yahoo.com]
    Sent: Thursday, January 24, 2002 11:27 PM
    To: focus-idslists.securityfocus.com
    Subject: Generating Traffic to Stress Test IDS

    Does anyone know of any good tools that can generate alot of network
    traffic to see at what point an IDS starts dropping packets?

    Thanks,
    Chad

    __________________________________________________
    Do You Yahoo!?
    Great stuff seeking new owners in Yahoo! Auctions!
    http://auctions.yahoo.com

    _________________________________________________________
    Do You Yahoo!?
    Get your free yahoo.com address at http://mail.yahoo.com