IDS mailing list archives

RE: IDS security testing training

From: "Peter Schawacker" <pschawacker () nfr com>
Date: Fri, 31 Jan 2003 08:19:45 -0800

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can download the paper, "Benchmarking IDS" from http://www.nfr.com/publications/.

Cheers,

Peter Schawacker, CISSP
Senior Systems Engineer
NFR Security
43300 Warner Trail
Palm Desert, CA 92211
Office: 760-200-4258
Mobile: 760-221-2404 


- -----Original Message-----
From: Jason Falciola [mailto:falciola () us ibm com] 
Sent: Wednesday, January 29, 2003 11:55 AM
To: focus-ids () securityfocus com
Subject: Re: IDS security testing training


I don't have direct answers to your questions, but I believe Marcus Ranum 
wrote a good paper on testing IDS a while ago.  Can't seem to find the 
link to it right now.  :( 

Jason Falciola 
Information Security Analyst 
IBM Managed Security Services 
falciola () us ibm com 



        "Pete Herzog" <lists () isecom org> 
        01/29/2003 04:27 AM 
        Please respond to lists 
                  
                 To: <focus-ids () securityfocus com> 
                 cc: 
                 Subject: IDS security testing training 
                


Hi, 

The Institute for Security and Open Methodologies (www.isecom.org) is 
preparing to release the next version of the OSSTMM (Open Source Security 
Testing Methodology Manual - www.osstmm.org) which among other things, 
provides remote testing steps for IDS effectivness and limitations.  We 
have 
also incorporated these tests into our open source training materials 
(OSSTMM Professional Security Tester).  I am working the next two weeks on 
the training materials to enhance the IDS testing training and give hands 
on.  I have some questions: 

Has anyone here done a training which teaches you to test IDS? 

What do you think is necessry for proper teaching of IDS testing? 

Have you used the OSSTMM for testing IDS effectiveness and do you have any 
comments? 

Thanks for whatever help you can provide! 

Sincerely, 
- -pete. 




-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPjqiIPZ0MWG5/LasEQLpnQCgi7we7R6Zt5RcqorarG3B10Bgqx8An2vQ
wzBwXLTzrPtUEO4409dZgkGB
=P9kk
-----END PGP SIGNATURE-----

Current thread:

RE: IDS security testing training Peter Schawacker (Jan 31)
- <Possible follow-ups>
- RE: IDS security testing training Young, Keith (Jan 31)