OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
IDS Archives: Re: IDS: Introduction / question on hacker tools

Re: IDS: Introduction / question on hacker tools

Robert Graham (robert_david_grahamyahoo.com)
Thu, 2 Sep 1999 14:51:00 -0700 (PDT)

FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
USUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
--------------------------------------------------------------------------- 

---
--- lchiavaccibe-on.it wrote:
> I have taken a look at the FAQ of this list and there are mentions of some
> utilities that could be used to test an installation.
> Could anyone tell me how to try and test the security of a firewall by using
> any
> of these utilities and where to look for them?

Since firewalls are primarily "port filters", you can test the firewall by
running a "port scanner". The best one is 'nmap' at
http://www.insecure.org/nmap. You should really get to know 'nmap' before
moving onto more complex tools.

Also remember that there isn't anyway to run a scanner against a firewall in
order to conclusively say that it is "secure". That's what IDS is for -- to
double-check the firewall's effectiveness.

===
Robert Graham
"Anxiously awaiting the millenium so I can start programming
dates with 2-digits again."
__________________________________________________
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com

This archive was generated by hypermail 2.0b3 on Fri Sep 03 1999 - 23:27:54 CDT