Penetration Testing mailing list archives
Re: Triggering IDS
From: Andres Riancho <andres.riancho () gmail com>
Date: Thu, 16 Mar 2006 14:17:08 -0300
Hi Adam, When I need to do something like that I use one of the following : idswakeup nmap -O -T Aggresive ip-behind-ids If the other end is a webserver and you need a really quick test : wget http://ip-behind-ids/../../../../././etc/passwd If nothing triggers your IDS you should try with: Nessus niktoIf you need to do many tests, you could use tcpdump to capture an attack and then tcpreplay to resend those packets. There is also a project called tomahawk that you should check.
Cheers, Andres Riancho http://www.securearg.net/ AdamT wrote:
Dear all, Y'know how there's the EICAR anti virus test file, which lets you see if your anti-virus is working, well, I was wondering if there was something similar to let you see what happens when your IDS triggers? Should I just send a lot of NOPs in a TCP session, or make obvious port scans, or is there some kind of 'industry standard' way to deliberately trigger IDS alarms? -- AdamT 'Thank-you for not requesting read receipts' ------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------
Current thread:
- Triggering IDS AdamT (Mar 15)
- RE: Triggering IDS chewy (Mar 16)
- Re: Triggering IDS Ivan . (Mar 16)
- Re: Triggering IDS Christine Kronberg (Mar 16)
- Re: Triggering IDS Andres Riancho (Mar 16)
- Re: Triggering IDS Jean-Philippe Luiggi (Mar 16)
- <Possible follow-ups>
- Re: Triggering IDS bart (Mar 16)
- Re: Re: Triggering IDS bwallace (Mar 18)