Attacks @ Scale

By Spirent On March 16, 2011
IPS, Scale, Studio, Testing

Last month we added a new space on TestCloud with thousands of known attacks as .msl templates. Some of you may recall that the secret behind the speed of test creation with Spirent (formerly Mu) is in the way we can take in a wide variety of formats including .pcap, .har, curl to name a few and convert it into MuSL. So what we did was we took another look at our known attack templates and made that available as .msl templates.

Image Image Image



We provide our users with a monthly drop of known attack templates, also known as published vulnerabilities. These are pulled from a variety of sources. What’s exciting is that we have now converted these tests into MuSL (Mu Scenario Language). As a result each of these test templates gets parameterized and can be run at scale. They can be sent concurrently from multiple IP addresses and can really stress out IPS/IDS system. In fact, just one of these tests when run concurrently caused a high end security gateway, which shall go nameless, to implode and get reduced to bare metal that offered zero protection. You can find the space for the known attacks on Testcloud here. All this is available to Spirent (formerly Mu) users who have the published vulnerability license and the scale license.

Our supply of known attacks are pulled form various sources including –

  • BugTraq mailing list
  • Full Disclosure mailing list
  • Linux Security alerts
  • Published alerts from ZDI, Tipping Point, iDefense
  • US-Cert
  • SANS Internet Storm Center
  • Vendor-specific feeds from Oracle, Microsoft, Novell, IBM, Red Hat and others
  • Exploit sources such as Metasploit and Exploit-DB (milw0rm)
  • Security Tracker
  • Reliable independent researchers
  • Social media such as Twitter
  • Mainstream news such as The Register

In addition, we cross reference our coverage with other alerting sources such as Secunia, VUPEN, and Security Focus. Happy testing, this is going to cause a lotta damage!

comments powered by Disqus
× Spirent.com uses cookies to enhance and streamline your experience. By continuing to browse our site, you are agreeing to the use of cookies.