
Tools to trigger/test various threats


I'm struggling just a bit to trigger the NSM to produce threat reports in some categories. As background here, I'm interested in seeing these as SNMP traps, and not so much interested in what I see in the user interface.

I'm using Metasploit and Tenable/Nessus to try to trigger these reports, with mixed results.

NSM defines these traps:

ivSignatureAlert -- I can produce exploit and reconnaissance categories, but I have not yet been able to produce DOS/DDOS alerts.

ivPortScanAlert -- I can produce these.

ivHostSweepAlert -- I can't produce these. A ping sweep across nodes shows up as a port scan.

ivSummarySignatoreAlertIPPairBased -- I can't produce this with my current test tools.

ivFileAVAlert -- I can't produce this.

Any pointers here?  I just want to trigger these notifications.


