TcpReply
Tcpreplay is aimed at testing the performance of a NIDS by
replaying real background network traffic in which to hide
attacks. Tcpreplay allows you to control the speed at which the
traffic is replayed, and can replay arbitrary tcpdump traces. Unlike
programmatically-generated artificial traffic which doesn't
exercise the application/protocol inspection that a NIDS performs,
and doesn't reproduce the real-world anomalies that appear on
production networks (asymmetric routes, traffic bursts/lulls,
fragmentation, retransmissions, etc.), tcpreplay allows for exact
replication of real traffic seen on real networks.
https://sf.net/projects/tcpreplay/
http://tcpreplay.synfin.net
Canonical does not provide updates for tcpreplay. Some updates may be provided by the Ubuntu community.
Traffic IQ Pro
http://www.karalon.com/
Traffic IQ Professional
Traffic IQ Professional provides a unique industry approved software solution for auditing and testing the recognition and response capabilities of your corporate security defenses.
Unrivaled functionality and simplicity combine to provide a highly configurable solution for assessing, validating and auditing the recognition and response capabilities for packet filtering security devices including firewalls, routers, and intrusion detection and prevention
systems.
ISIC
http://packages.debian.org/zh-cn/etch-m68k/isic
ISIC (and components) is intended to test the integrity of an IP Stack and its component stacks (TCP, UDP, ICMP et. al.) It does this by generating controlled random packets. You can use ISIC for testing if a firewall leaks packets, or how well an IDS functions.
Protos
https://www.ee.oulu.fi/research/ouspg/Protos
ABSTRACT
Protocols are used for communication between software functions, software modules, software components, software packages, or even between the software and the user. Information security is constantly endangered by errors in the contemporary protocol implementations. The PROTOS project will research different approaches of testing implementations of protocols using black-box (i.e. functional) testing methods. The goal is to support pro-active elimination of faults with information security implications. Awareness in these issues is promoted. Methods are developed to support customer driven evaluation and acceptance testing of implementations. Improving the security robustness of products is attempted through supporting the development process.
CodeNomicom
www.codenomicon.com
商业版的Protos
Codenomicon DEFENSICS enables companies to preemptively mitigate unknown and published threats in products and services prior to release or deployment - before systems are exposed, outages occur and zero-day attacks strike.
DEFENSICS offers unparalleled blackbox, negative testing against the broadest set of applications; spanning over 130 Internet, wireless and digital media protocols.
2616
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
