IDS-Test-Suite is Available!
Article written by Kishor D
A GreaseMonkey script that lets you test your IDS installation against latest attack vectors is available here.
The script was written with following goals in mind,
- To perform regression tests on the IDS (During development phase).
- To perform false positive/negative tests.
- To let IDS users verify that they are safe against latest attack vectors and are using the latest rule sets.
The script is simple to use,
- Load the PHPIDS test URL (on your server) in the browser
- Go to ‘User Script Commands’ option under GreaseMonkey status bar icon and click ‘Run IDS Test’
- Choose to run either one or all 3 default attack vector files by clicking OK/CANCEL.
- Choose whether you want to test IDS with POST requests
- Choose whether want to test the IDS for false positives or false negatives.
- After the test completes, the results can be viewed in the Error Console window.
Notes:
- If the script finds a response code other than 200 on attack, it gets reported in the error console.
- The script injects a parameter named ‘test’ in GET and POST requests.
This entry was posted
on Tuesday, July 17th, 2007 at 6:51 pm and is filed under .NETIDS, PHPIDS.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
July 21st, 2007 at 11:03 pm
I’m unclear on where to place this on my site, and how to execute it. I placed it in the drupal root directory and upon calling it, only get a listing of the script.
July 21st, 2007 at 11:54 pm
Hi!
You gotta use greasemonkey to execute the regression test suite. Just drop us a line in the forums and we’ll help you with more details.
Cheers,
.mario