02-09-2007 07:21 PM - edited 03-10-2019 03:27 AM
I want to test my IPS triggering an inbound IPS Sig event. Can anyone advise if Cisco has test attack files available to download for this purpose?
Regards
02-11-2007 07:49 PM
We do not provide attack files, however if you simply want to test the signatures, some alerts which are easy to fire are:
2004-0 ICMP Echo Request
2000-0 ICMP Echo Reply
Please ensure you enable them, as they are disabled by default.
02-12-2007 02:25 PM
The signatures you advise do not exist in my .sdf (checked "sh ip ips sig"). only sigs in the 2000 cat(ICMP) are 2156, 2156:0,1,2.
Appreciate any further suggestions.
02-15-2007 07:19 PM
Use nessus or hping2 to test signatures. You will get tons of alarms when using nessus or
hping2 to simulate an attack on your network.
David
CCIE security
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide