Penetration Testing mailing list archives

Re: [PEN-TEST] IDS Testing

From: Talisker <Talisker () NETWORKINTRUSION CO UK>
Date: Wed, 13 Dec 2000 17:36:53 -0000

Roger

RealSecure should now be able to detect a Fragrouter attack
http://www.anzen.com/research/nidsbench/fragrouter.html but there might be
some mileage in trying it.
Siden sounds pretty good claiming " The current SIDEN architecture allows
you to simulate coordinated/distributed network probes by a group of
attackers" http://siden.sourceforge.net/
Robert Graham will be releasing a tool called sidestep which he claims
bypasses most NIDS except BlackICE. I'd rather not provide the URL until he
releases it fully.

Andy
http://www.networkintrusion.co.uk
Talisker's Network Security Tools List
                    '''
                 (0 0)
  ----oOO----(_)----------
  | The geek shall        |
  |  Inherit the earth     |
  -----------------oOO----
               |__|__|
                  || ||
              ooO Ooo
talisker () networkintrusion co uk

The opinions contained within this transmission are entirely my own, and do
not necessarily reflect those of my employer.





----- Original Message -----
From: "Roger Roberts" <rogerwroberts2000 () yahoo com>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Tuesday, December 12, 2000 4:06 PM
Subject: [PEN-TEST] IDS Testing

Hello all,
We here are going to be conducting a local testing on
a proposal IDS System (Real Secure).  I would like to
know if anyone has written test documentation or other
show stoppers they accomplished during the test.

Thanks

Roger



__________________________________________________
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/

Current thread:

[PEN-TEST] IDS Testing Roger Roberts (Dec 13)
- Re: [PEN-TEST] IDS Testing Talisker (Dec 14)
- <Possible follow-ups>
- Re: [PEN-TEST] IDS Testing Wertheimer, Ishai (Dec 13)
- Re: [PEN-TEST] IDS Testing Dunker, Noah (Dec 13)
  - Re: [PEN-TEST] IDS Testing jeru (Dec 13)