IDS mailing list archives
interesting paper on testing sig-based IDS
From: "Kohlenberg, Toby" <toby.kohlenberg () intel com>
Date: Fri, 25 Feb 2005 21:01:22 -0800
http://www.cs.ucsb.edu/~vigna/pub/2004_vigna_robertson_balzarotti_CCS04. pdf It seems very similar (at least at first glance) what what's been implemented by RFP in Whisker (the anti-IDS techniques) or in Metasploit (IDS confusion techniques). Have any/many of you seen this before? It seems like it's something we would have seen cross this list but I don't remember it doing so. t Toby Kohlenberg, CISSP, GCIH, GCIA Senior Information Security Analyst Applied Security Technology Team Intel Corporate Information Security 503-712-8588 Office & Voicemail 877-497-1696 Pager "Just because you're paranoid, doesn't mean they're not after you." PGP Fingerprint: 92E2 E2FC BB8B 98CD 88FA 01A1 6E09 B5BA 9E84 9E70 -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- interesting paper on testing sig-based IDS Kohlenberg, Toby (Feb 28)
- Re: interesting paper on testing sig-based IDS Jonathon Giffin (Mar 01)
- Re: interesting paper on testing sig-based IDS buineach (Mar 02)
- Re: interesting paper on testing sig-based IDS Shai Rubin (Mar 02)
- Re: interesting paper on testing sig-based IDS buineach (Mar 02)
- Re: interesting paper on testing sig-based IDS Giovanni Vigna (Mar 02)
- Re: interesting paper on testing sig-based IDS Stefano Zanero (Mar 04)
- Re: interesting paper on testing sig-based IDS Richard Bejtlich (Mar 02)
- <Possible follow-ups>
- RE: interesting paper on testing sig-based IDS Kyle Quest (Mar 04)
- RE: interesting paper on testing sig-based IDS Jose Maria Lopez Hernandez (Mar 06)
- RE: interesting paper on testing sig-based IDS Kyle Quest (Mar 06)
- RE: interesting paper on testing sig-based IDS Brian Smith (Mar 06)
(Thread continues...)
- Re: interesting paper on testing sig-based IDS Jonathon Giffin (Mar 01)