I am working on an algorithm that monitors the behavior of software ports and accordingly sends notifications to the user about suspicious activity through email.
This project moves forward in 3 parts:
1. Creating, or rather what I am calling simulating, a lot of activity on my computer's ports.
2. Monitoring this port activity and using my algorithm to determine suspicious activity.
3. Sending email to the users with my conclusions.
From this, I am having a problem with simulating lots and lots of activity on a number of software ports on my system. Basically I need raw data to work with. I mean, my algorithm is going to need a large amount of port activity in the first place! Now, I do not have a production server for myself! So how do I (sort of) replicate or simulate the port activity of large-scale servers on my puny desktop? Of course, I don’t actually need to run hundreds of websites; I just need enough software port activity to give my algorithm enough data to work with. Any ideas, people?
I don’t know if I understand your needs perfectly. “Simulating” can be thought of in two ways. Nevertheless, here is the answer.
What is the design of your application? If it is “straightforward” (or “naive”), that is, you check the actual ports on the machine and do the action afterwards, then the problem of simulating it lies in this design.
(The rest is based on this assumption)
You should have your design much more modularized, removing coupling and separating concerns.
There are basically three concerns in your application: monitoring physical ports, making decisions based on the activity of logical ports (here, the separation) and finally, notification behaviour (sending emails / whatever).
Each of these parts should be self-contained. Testable as-is, without need for the other parts of the application.
Result of this design: trivial simulation. For the “simulation” part, you only need to simulate the second concern, not the first.
Possible solution: in the company where I worked some time ago, they were making a low-level, network-heavy application. They used a blackboard very successfully. They filled the blackboard with network-related events, and the code reacted to these events, possibly generating new ones which were then taken back to the hardware. This elegantly let them test the application in various scenarios of networking action (like inserting/removing a network card etc.) without painfully trying to actually simulate it.
If your question was about really simulating physical activity on ports, someone can probably suggest some white hat “simulating attack” products/services. You would probably need a second computer to issue the network activity from outside (because you probably discriminate localhost activity from outside network activity).
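
An added illustration of the separation described in the answer above (not code from either poster): the decision logic consumes logical port events, so a constructed in-memory trace can stand in for the physical port monitor and a plain list can stand in for the e-mail sender. The event fields, the distinct-port threshold rule, and all names and addresses here are assumptions made for this example.

```python
import random
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class PortEvent:
    ts: float    # seconds since the start of the constructed trace
    src: str     # remote address (documentation ranges only)
    port: int    # local port that was contacted

def synthetic_events(seed=7):
    """Constructed trace: ordinary clients on 80/443 plus one source touching many ports."""
    rng = random.Random(seed)
    events = [PortEvent(rng.uniform(0, 600), f"192.0.2.{rng.randint(1, 50)}",
                        rng.choice([80, 443])) for _ in range(2000)]
    # Injected anomaly: 40 distinct ports from one address within 20 seconds.
    events += [PortEvent(300 + i * 0.5, "198.51.100.9", 1000 + i) for i in range(40)]
    return sorted(events, key=lambda e: e.ts)

class DistinctPortDetector:
    """Flags a source that contacts more than `limit` distinct ports within `window` seconds."""
    def __init__(self, notify, window=30.0, limit=15):
        self.notify, self.window, self.limit = notify, window, limit
        self.recent = defaultdict(deque)   # src -> deque of (ts, port)
        self.flagged = set()               # sources already reported once

    def feed(self, ev):
        q = self.recent[ev.src]
        q.append((ev.ts, ev.port))
        while q and q[0][0] < ev.ts - self.window:   # drop events outside the window
            q.popleft()
        distinct = {port for _, port in q}
        if len(distinct) > self.limit and ev.src not in self.flagged:
            self.flagged.add(ev.src)
            self.notify(f"{ev.src} contacted {len(distinct)} ports in {self.window:.0f}s")

def run_simulation():
    alerts = []                            # stands in for the e-mail notifier
    detector = DistinctPortDetector(alerts.append)
    for ev in synthetic_events():          # stands in for the physical port monitor
        detector.feed(ev)
    return alerts

if __name__ == "__main__":
    print(run_simulation())
```

Swapping `synthetic_events()` for a real monitor and `alerts.append` for a mail sender leaves the detector untouched, which is what makes each part testable on its own.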