[Snort-users] Test Snort Performance

Davison, Charles Robert cdaviso1 at ...17214...
Sat Dec 19 10:51:43 EST 2015

This should be a good list of testing things:

š  Commercial
š  Ixia Breaking Point (Security Testing)
š  Nessus (Vulnerability Scanner)
š  Spirent (Security Testing)
š  Open Source
š  IDS Wakeup<http://www.hsc.fr/ressources/outils/idswakeup/> (IDS Testing)
š  Hping<http://www.hping.org/> (Packet Crafting)
š  NMAP<https://nmap.org/> (Port Scanning)
š  Nikto<https://cirt.net/Nikto2> (Web Vulnerability Scanner)
š  Ostinato<https://code.google.com/p/ostinato/> (Packet Crafting)
š  Packeth<http://packeth.sourceforge.net/packeth/Home.html> (Packet Crafting)
š  Pytbull<http://pytbull.sourceforge.net/> <http://pytbull.sourceforge.net/> (IDS Testing)
š  TCPreplay<http://tcpreplay.synfin.net/> (IPS/IDS Testing)
š  Tomahawk<http://tomahawk.sourceforge.net/> (IPS/IDS Testing)

From: Ali Masoudi [mailto:masoudi1983 at ...11827...]
Sent: Saturday, December 19, 2015 12:58 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Test Snort Performance

I have a Centos system which I compiled and installed snort on. I want to perform a performance test with custom set of rules before deploy the system. With using of iperf and some edited pcap file. I ran some tests but they're not enough.
As for pcap file, I download it from internet and I edited MAC & IP addresses using tcpwrite to match source and destination. but destination system did not see entire traffic within pcap file.
Is there any tool to test snort performance? Or should I use traffic generators available in internet?
Any help would be appreciated. Sorry for my poor English.
Best Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20151219/0bf272f5/attachment.html>

More information about the Snort-users mailing list