[Oisf-users] Suricata Testing

Cooper F. Nelson cnelson at ucsd.edu
Thu Jul 24 17:42:34 UTC 2014



Live traffic.  Best test conditions there are!

Generally, to test for stability/performance you want to run suricata
with no rules enabled at first.  Assuming you are not dropping any
packets then you can start enabling rulesets.

I'm seeing over 10k 'Priority: 1' alerts a day so there is no need to
generate any malicious traffic.  The bad guys do enough of that for us
as-is.

-Coop

On 7/24/2014 5:40 AM, Robert Clove wrote:
> Hi All, 
> 
> I just wanted to know from Suricata developers as well as users:
> 
>   * How do you test Suricata stability (for 1/10 Gbps of traffic)?
>   * What are the test beds?
>   * Which tools do you use?
>   * How do you generate the malicious traffic?
>   * If we want to test it for IPv4/IPv6, which tools do you suggest?
> 
> 
> 
> Regards


-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
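
The first step in the reply above (run with no rules, confirm nothing is being dropped, then enable rulesets) can be checked from Suricata's own capture counters. This is an added example, not part of the original message: it assumes the EVE `stats` output is enabled and reports cumulative totals; the sample records are constructed and the function names are hypothetical.

```python
import json

# Constructed sample of eve.json lines: three "stats" records and one alert.
SAMPLE_EVE = """\
{"timestamp":"2014-07-24T10:00:00.000000+0000","event_type":"stats","stats":{"uptime":60,"capture":{"kernel_packets":1000000,"kernel_drops":0}}}
{"timestamp":"2014-07-24T10:00:30.000000+0000","event_type":"alert","alert":{"severity":1}}
{"timestamp":"2014-07-24T10:01:00.000000+0000","event_type":"stats","stats":{"uptime":120,"capture":{"kernel_packets":2500000,"kernel_drops":0}}}
{"timestamp":"2014-07-24T10:02:00.000000+0000","event_type":"stats","stats":{"uptime":180,"capture":{"kernel_packets":4000000,"kernel_drops":30000}}}
"""

def drop_intervals(lines):
    """Return (timestamp, packets, drops, drop_pct) for each stats interval.

    The counters are cumulative, so each interval is the difference between
    two consecutive stats records. A counter that goes backwards means
    Suricata restarted; that record only re-establishes the baseline.
    """
    prev, out = None, []
    for line in lines:
        try:
            rec = json.loads(line)
        except ValueError:
            continue  # blank line or a record still being written
        if rec.get("event_type") != "stats":
            continue
        cap = rec.get("stats", {}).get("capture", {})
        cur = (cap.get("kernel_packets", 0), cap.get("kernel_drops", 0))
        if prev is not None and cur[0] >= prev[0] and cur[1] >= prev[1]:
            pkts, drops = cur[0] - prev[0], cur[1] - prev[1]
            pct = 100.0 * drops / pkts if pkts else 0.0
            out.append((rec.get("timestamp"), pkts, drops, pct))
        prev = cur
    return out

def baseline_is_clean(intervals):
    """True only if at least one interval was measured and none dropped packets."""
    return bool(intervals) and all(drops == 0 for _, _, drops, _ in intervals)

if __name__ == "__main__":
    intervals = drop_intervals(SAMPLE_EVE.splitlines())
    for ts, pkts, drops, pct in intervals:
        print(f"{ts}  packets={pkts}  drops={drops}  ({pct:.2f}%)")
    print("OK to start enabling rulesets:", baseline_is_clean(intervals))
```

Run the same check again after each ruleset is enabled; the first interval that shows drops identifies the load the sensor cannot keep up with.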
