0 Replies Latest reply on May 24, 2011 7:07 PM by evan

    Tools to trigger/test various threats

      Hi,

       

      I'm struggling just a bit to trigger the NSM to produce threat reports in some categories.  As background here, I'm interested in seeing these as SNMP traps, and not so much interested in what I see in the user interface.

       

      I'm using Metasploit and Tenable/Nessus to try to trigger these reports, with mixed results.

       

      NSM defines these traps:

      ivSignatureAlert -- I can produce exploit and reconnaissance categories, but I have not yet been able to produce DOS/DDOS alerts.

      ivPortScanAlert -- I can produce these.

      ivHostSweepAlert -- I can't produce these.  A ping sweep across nodes shows up as a port scan.

      ivSummarySignatoreAlertIPPairBased -- I can't produce this with my current test tools.

      ivFileAVAlert -- I can't produce this.

       

      Any pointers here?  I just want to trigger these notifications.

       

      Thanks,

      -Evan-