Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

IPS Test Attack Signatures

I want to test my IPS triggering an inbound IPS Sig event. Can anyone advise if Cisco has test attack files available to download for this purpose?

Regards

3 REPLIES
New Member

Re: IPS Test Attack Signatures

We do not provide attack files, however if you simply want to test the signatures, some alerts which are easy to fire are:

2004-0 ICMP Echo Request

2000-0 ICMP Echo Reply

Please ensure you enable them, as they are disabled by default.

New Member

Re: IPS Test Attack Signatures

The signatures you advise do not exist in my .sdf (checked "sh ip ips sig"). only sigs in the 2000 cat(ICMP) are 2156, 2156:0,1,2.

Appreciate any further suggestions.

New Member

Re: IPS Test Attack Signatures

Use nessus or hping2 to test signatures. You will get tons of alarms when using nessus or

hping2 to simulate an attack on your network.

David

CCIE security

907
Views
5
Helpful
3
Replies
CreatePlease to create content