cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
422
Views
0
Helpful
5
Replies
Beginner

Effective way to test IDS

Is there any safe way to test Firepower's IDS policy on a machine to see if the IDS policy is working? I know of the EICAR test for detecting malicious files, but is there an equivalent site we can go to for IDS testing?

Everyone's tags (3)
5 REPLIES 5
Highlighted
Enthusiast

Re: Effective way to test IDS

Hi,

Try some penetration testing tools like Metasploit.

 

Hope This Helps

Abheesh

Highlighted
Beginner

Re: Effective way to test IDS

Does this tool allow you to test an end-user PC to see if it is protected from ransomware or other vulnerabilities?

Highlighted
Cisco Employee

Re: Effective way to test IDS

I have personally used Qualys in the past. They have a personal/community edition that is free of charge that does not include all features and can scan a limited number of IPs. However, if you end up liking it, you can get the paid version:

https://www.qualys.com/community-edition/

I hope this helps!

Thank you for rating helpful posts!

Highlighted
Beginner

Re: Effective way to test IDS

Is it safe to say that Firepower can protect against most common ransomware assuming it matches the appropriate rule with DPI/Intrusion policy enabled or is that more of a function of the security intelligence?

Highlighted
Engager

Re: Effective way to test IDS

hi,

you can test the FP intrusion policy/rule by performing a penetration test.

i tried kali linux 'armitage' to trigger them.

see helpful link:

http://wannabecybersecurity.blogspot.com/2019/08/configuring-cisco-fmc-intrusion-policy.html