As someone has already sugested, using a scanner is a good idea.
Be careful about testing IDS's with IDS testing "tools." Some of these tools do not actually exploit a security problem, they just attempt to look like a tool that does. Some of the signatures may not fire for different IDSes with different testing tools. The best way to test is to actually exploit a target system.
I use the Cisco Secure Scanner to test my IDS! And I see only slim numbers of attack types!!Altought my scanner try/find a lot of vulnerabilities The sensor see only tcp and udp port sweeps, inproper ftp address, but nothing else!!!???
How it is, that I set the Sensor to fire when a user failed 3 times to login into a FTP Server (Sig6250), and it doesn't do that??? I set the signature to High Level and the packetd.conf int the Sensor is ok!
My system contains:cspm233i sig10 and ids4210 sp2 sig10
Cisco Secure Scanner performs a lot of its vulnerability checks usng inference. For instance, it will look for a Sendmail version on the banner information returned from TCP port 25. If it finds a version containing a known vulnerability, it will report the problem without actually trying the real Sendmail exploit. This can explain some of vulnerabilities reported by CSS and not by CSIDS. Also, make sure that the active exploit are enabled during the scan. Otherwise, CSS won't try any of it's more probing exploits. In regards to signature 6250 not firing, this could be a potential problem if the FTP login attempts occurred in different sessions. Signature 6250 currently assumes that all the login events occurred in the same TCP session. We are working on an event aggregation system to help correlate multiple alarms in a future release.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :