IDS mailing list archives

RE: detecting "intrusion detection"

From: "Biswas, Proneet" <pbiswas () ipolicynetworks com>
Date: Wed, 5 Oct 2005 12:47:42 -0700

Hi Sid,
  One of the basic ideas is to check if a machine is running any
interfaces in promiscuous mode.

Thanks
Proneet.

------------------------------------------------------------------------
----
"Not in the clamor of the crowded street, Not in the shouts and plaudits
of the throng, But in ourselves, are triumph and defeat"

-----Original Message-----
From: sumit.siddharth () gmail com [mailto:sumit.siddharth () gmail com] 
Sent: Monday, October 03, 2005 5:01 AM
To: focus-ids () securityfocus com
Subject: detecting "intrusion detection"

Hi list,
Is there any technique to detect if a particular machine is running an
IDS or if a network has implemented IDS.
Thanks
Sid

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708

to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

Current thread:

detecting "intrusion detection" sumit . siddharth (Oct 05)
- Re: detecting "intrusion detection" Krzysztof Cabaj (Oct 06)
- Re: detecting "intrusion detection" Ron Gula (Oct 06)
- <Possible follow-ups>
- RE: detecting "intrusion detection" Biswas, Proneet (Oct 06)
- Re: detecting "intrusion detection" barcajax (Oct 06)