Create a Post
Showing results for 
Search instead for 
Did you mean: 

How do I test if IPS is Working?


how to test IPS is working?

For antivirus is easy, you download eicar file, but how to test IPS?

The best would be to:

- test it with first TCP SYN packet (to not actually connect to a server)

- test from outside (internet) 

- use windows machine (any application can be installed if needed). 

Nothing sophisticated, goal is to get log entry as an evidence.

It would be nice to have some 'how to'. Please share how you test it.

0 Kudos
2 Replies

The fundamental task: generate traffic that passes an Access Control rule and triggers a signature.
A fairly simple one to do is Max Ping Size.
It doesn’t require special software to be installed.
This protection is disabled by default but can be enabled and set to a specific size.
Generate a ping of a size larger than you’ve configured.

For more comprehensive testing, you can use something like metasploit to generate test traffic.

Maybe it can be tested using the checkme tool?

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events