Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: Re: To test IPS/IDS box.

Re: To test IPS/IDS box.

From: Joshua Gimer <jgimer_at_gmail.com>
Date: Mon, 5 May 2008 13:28:39 -0600

There are several tools that you can use to aid in testing.

I would use some automated scanning tools first such as Nessus; this
will show you how much information can be gathered about a remote
system.

Metasploit can also be of use in this situation. I would suggest
looking into the ips_filter.rb plugin.

You can also check some conference archives, and SANS reading room for
more ideas, and techniques.

http://www.sans.org/reading_room/

http://www.blackhat.com/html/bh-media-archives/bh-multimedia-archives-index.html

I know that there was a presentation that was done in 2006 about, ids
and ips evasion. I am sure that there are ton's of others.

Joshua Gimer

On May 5, 2008, at 11:10 AM, Jamie Riden wrote:

> Try to break into the network (make sure you have explicit permission
> first!) and see if it stops you, or alerts. Have a play with nessus,
> nmap and metasploit for example.
>
> I wouldn't actually go as far as attempting to infect the network with
> a virus- if it did work then you would have serious problems. You
> could try it on a completely isolated test network.
>
> cheers,
> Jamie
>
> On 05/05/2008, Paari <paarim_at_calsoftlabs.com> wrote:
>>
>> Hi guys,
>>
>> Can you please give me some reference or links on how to test
>> IPS/IDS
>> hardware box.
>>
>>
>> Thanks,
>> Paari
>
> --
> Jamie Riden / jamesr_at_europe.com / jamie_at_honeynet.org.uk
> UK Honeynet Project: http://www.ukhoneynet.org/
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
> to learn more.
> ------------------------------------------------------------------------
>

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
Received on May 05 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos