What about the evaluation using a specific attacks. Are there any rules available online for some kind of attacks like DOS or SQL injection. Is there any one has evualuated OSSEC against some attacks and get alerts that explain that there is an attack detected. Right now, we get only alerts with level numbers without any information about attack name or type.
On Thursday, August 16, 2012 3:58:07 PM UTC-7, JB wrote: > You can try attacking sendmail, Apache server, ftp daemon, etc. and see if > OSSEC rules trigger the alerts. > > > On Tuesday, August 14, 2012 12:18:10 AM UTC-7, mohamed khalaf wrote: >> >> which module in metasploit can i use to test ossec attack rules >> >> if no which attack library can i use to test ossec rules to simulate >> real attack to generate alerts >> >
