IDS mailing list archives
study on subverting IDSs
From: Nomellames nunca <nomesigas () gmail com>
Date: Tue, 3 Jan 2006 01:42:05 -0500
Hello all, I want to test IDS against subversion attacks (attacks directed to the IDS itself or any of the element used by the IDS for collecting and reporting in order to modify their result). I would like to test a mixture of different IDS solutions. Obviously, host based IDSs are easily subverted by modifying the kernel once the system is penetrated. But my aim is to check how complex is to do the same with NIDS an other forms of IDSs. Obviously this depends on deployment, but I will use the default or suggested options for the study. I already have a good list of IDS solutions I want to study, but I would like your opinion on possible target for this study, as I work in academia and deal mainly with open solutions, like SNORT or Emerald. Best, Jesus ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- study on subverting IDSs Nomellames nunca (Jan 05)
- Re: study on subverting IDSs jipi dini (Jan 10)