> Thank you so much, for all your replies. But there is some misconception > from my query. I actually meant how to test the IPS hardware box, like > testing the processor and the sensing ports and how to melt down the IPS > hardware box. Basically the general guide line for testing the IPS/IDS > hardware box. Do we need any specific tools for this?
NSS Labs ( http://nsslabs.com/ ) is an outfit that does exactly this. They do use specialized equipment, such as the Spirent Avalanche to do this, but you could probably rig up a simplified version with some bare-bones Linux boxes (I would recommend using dedicated Intel NICs) on a separate network and some tools like netcat, hping, and the afore mentioned metasploit. The thing I really like about NSS Labs is that they publish their evaluation criteria, which you can find on their website. This criteria looks not just at detection of exploits, but at performance issues and evasion as well (who cares what an IDS can detect if an attacker can just put it out of commission first?). Hope this helps, Terry ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
