IDS mailing list archives
RE: IDS security testing training
From: "Peter Schawacker" <pschawacker () nfr com>
Date: Fri, 31 Jan 2003 08:19:45 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You can download the paper, "Benchmarking IDS" from http://www.nfr.com/publications/. Cheers, Peter Schawacker, CISSP Senior Systems Engineer NFR Security 43300 Warner Trail Palm Desert, CA 92211 Office: 760-200-4258 Mobile: 760-221-2404 - -----Original Message----- From: Jason Falciola [mailto:falciola () us ibm com] Sent: Wednesday, January 29, 2003 11:55 AM To: focus-ids () securityfocus com Subject: Re: IDS security testing training I don't have direct answers to your questions, but I believe Marcus Ranum wrote a good paper on testing IDS a while ago. Can't seem to find the link to it right now. :( Jason Falciola Information Security Analyst IBM Managed Security Services falciola () us ibm com "Pete Herzog" <lists () isecom org> 01/29/2003 04:27 AM Please respond to lists To: <focus-ids () securityfocus com> cc: Subject: IDS security testing training Hi, The Institute for Security and Open Methodologies (www.isecom.org) is preparing to release the next version of the OSSTMM (Open Source Security Testing Methodology Manual - www.osstmm.org) which among other things, provides remote testing steps for IDS effectivness and limitations. We have also incorporated these tests into our open source training materials (OSSTMM Professional Security Tester). I am working the next two weeks on the training materials to enhance the IDS testing training and give hands on. I have some questions: Has anyone here done a training which teaches you to test IDS? What do you think is necessry for proper teaching of IDS testing? Have you used the OSSTMM for testing IDS effectiveness and do you have any comments? Thanks for whatever help you can provide! Sincerely, - -pete. -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPjqiIPZ0MWG5/LasEQLpnQCgi7we7R6Zt5RcqorarG3B10Bgqx8An2vQ wzBwXLTzrPtUEO4409dZgkGB =P9kk -----END PGP SIGNATURE-----
Current thread:
- RE: IDS security testing training Peter Schawacker (Jan 31)
- <Possible follow-ups>
- RE: IDS security testing training Young, Keith (Jan 31)