Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: IDS evasion && testing

From: "Osborne-1, Brett" <Brett.Osborne-1 () ksc nasa gov>
Date: Sun, 7 Apr 2002 12:29:12 -0400 
There is a lot of information available. The "Hacking Exposed"  series probably goes over this somewhat. Also look for 
works from Ed Skoudis and Eric Cole (they have a couple books, which I forget despite a week with Ed in 'hacker 
training' here at SANS Orlando). 

You can also find links at 
sans.org
securityfocus.com
searcsecurity.com

There are some tools out on this - "stick" is probably the best known. I think Doug Song has some tools in this area - 
his site is on monkey.org

After some sleep, I should be able to walk you through some stuff.

Brett

-----Original Message-----
From: ph00dy
To: pen-test () securityfocus com
Sent: 4/4/02 5:22 PM
Subject: IDS evasion && testing

Hey *,
  I am looking for good information on defeating/testing NIDS. I have
tryed some "alert overflowing", and sending some attacks/scans very
slowly
to see what the results are, but I imagine there is someone who has done
more of this sort of testing that knows something I don't. Any
experience,
Ideas, papers etc.. would be helpful.
 

Thanks..
  ph00dy




------------------------------------------------------------------------
----
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: