focus-ids December 2008 archive
Main Archive Page > Month Archives  > focus-ids archives
focus-ids: Re: IDS testing. Libs for packet capture.

Re: IDS testing. Libs for packet capture.

From: <Skyler.Bingham_at_nospam>
Date: Wed Dec 03 2008 - 20:39:29 GMT

Have you looked at tcpreplay? It allows you to playback libpcap packet capture files in real-time (among other things).

Skyler Bingham
(602) 957-1650 x1139 "Александр Сайко" <saiko.a.s@gmail. com> To Sent by: listbounce@securi cc Subject IDS testing. Libs for packet 12/02/2008 04:18 capture. PM


I have been working in IDS testing. Now I'm focused on testing network modules, like Snort, netstat, ect. I search for a tools to play traffic from tcpdumps. Is anyone in the group working on something like that? The idea is to develop some libpcap-like lib for playing tcpdumps. The question is: had it been already done? Are there any other common libs for packet captureing used in common IDSs?

Saiko Alexander

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to

to learn more.