What tools can I use to test/attack my NIDS?

B&W

B&W

Soldato
Joined
3 Oct 2003
Posts
7,668
Location
Birmingham
Hi there as part of my final year project I must install an NIDS in a virtual machine environment.

I intend to attack the NIDS with specific malware or code that will try to detect if the NIDS is running in a VM environment.

I dont have much time left (Monday hand in) and am yet to find the tools, where would I obtain them from?
 
well im still setting it up, but so far it looks like www.winsnort.com (if i get it to work..). Otherwise some other windows based snort distro.

Well my project is basically asking if theres any advantages to running a NIDS in a VM environment.

So im trying to see if I could do some kinda testing which would enable me to test if its possible to find out that the NIDS is running in a VM.
 
Last edited:
Well I have a NIDS up and running at last, thank god. :) Now I need to find ways to attack it. I have already used NMAP to do a portscan, it revealed a few things including the OS but it did not reveal any sign that it was a Virtual Machine.
 
Thank you guys.

Would you know if I could run any code or use some software scan the VM externally to detect its presence?

I can run code inside a VM which will detect its presence, but something that could do this externally would be brilliant.
 
Back
Top Bottom