Effective way to test IDS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2020 07:38 AM
Is there any safe way to test Firepower's IDS policy on a machine to see if the IDS policy is working? I know of the EICAR test for detecting malicious files, but is there an equivalent site we can go to for IDS testing?
- Labels:
-
NGIPS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2020 08:23 AM
Hi,
Try some penetration testing tools like Metasploit.
Hope This Helps
Abheesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2020 08:45 AM
Does this tool allow you to test an end-user PC to see if it is protected from ransomware or other vulnerabilities?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2020 09:21 AM
I have personally used Qualys in the past. They have a personal/community edition that is free of charge that does not include all features and can scan a limited number of IPs. However, if you end up liking it, you can get the paid version:
https://www.qualys.com/community-edition/
I hope this helps!
Thank you for rating helpful posts!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2020 10:31 AM
Is it safe to say that Firepower can protect against most common ransomware assuming it matches the appropriate rule with DPI/Intrusion policy enabled or is that more of a function of the security intelligence?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-15-2020 12:49 AM
hi,
you can test the FP intrusion policy/rule by performing a penetration test.
i tried kali linux 'armitage' to trigger them.
see helpful link:
http://wannabecybersecurity.blogspot.com/2019/08/configuring-cisco-fmc-intrusion-policy.html
