Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
trawa05
Explorer

How do I test if IPS is Working?

Hey,

how to test IPS is working?

For antivirus is easy, you download eicar file, but how to test IPS?

The best would be to:

- test it with first TCP SYN packet (to not actually connect to a server)

- test from outside (internet) 

- use windows machine (any application can be installed if needed). 

Nothing sophisticated, goal is to get log entry as an evidence.

It would be nice to have some 'how to'. Please share how you test it.

0 Kudos
Reply
2 Replies
PhoneBoy
Admin
Admin

The fundamental task: generate traffic that passes an Access Control rule and triggers a signature.
A fairly simple one to do is Max Ping Size.
It doesn’t require special software to be installed.
This protection is disabled by default but can be enabled and set to a specific size.
Generate a ping of a size larger than you’ve configured.

For more comprehensive testing, you can use something like metasploit to generate test traffic.
Cyber_Serge
Contributor

Maybe it can be tested using the checkme tool?
http://www.cpcheckme.com/checkme/

0 Kudos
Reply