|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Joshua Gimer (jgimer
gmail.com)
Date: Mon May 05 2008 - 14:28:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
There are several tools that you can use to aid in testing.
I would use some automated scanning tools first such as Nessus; this
will show you how much information can be gathered about a remote
system.
Metasploit can also be of use in this situation. I would suggest
looking into the ips_filter.rb plugin.
You can also check some conference archives, and SANS reading room for
more ideas, and techniques.
http://www.sans.org/reading_room/
http://www.blackhat.com/html/bh-media-archives/bh-multimedia-archives-index.html
I know that there was a presentation that was done in 2006 about, ids
and ips evasion. I am sure that there are ton's of others.
Joshua Gimer
On May 5, 2008, at 11:10 AM, Jamie Riden wrote:
> Try to break into the network (make sure you have explicit permission
> first!) and see if it stops you, or alerts. Have a play with nessus,
> nmap and metasploit for example.
>
> I wouldn't actually go as far as attempting to infect the network with
> a virus- if it did work then you would have serious problems. You
> could try it on a completely isolated test network.
>
> cheers,
> Jamie
>
> On 05/05/2008, Paari <paarimcalsoftlabs.com> wrote:
>>
>> Hi guys,
>>
>> Can you please give me some reference or links on how to test
>> IPS/IDS
>> hardware box.
>>
>>
>> Thanks,
>> Paari
>
> --
> Jamie Riden / jamesreurope.com / jamiehoneynet.org.uk
> UK Honeynet Project: http://www.ukhoneynet.org/
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
> to learn more.
> ------------------------------------------------------------------------
>
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]