Penetration Testing mailing list archives
Re: IDS evasion && testing
From: "Dario N. Ciccarone" <dciccaro () cisco com>
Date: Mon, 08 Apr 2002 23:45:29 -0300
http://www.hsc-labs.com/ressources/outils/idswakeup/index.html.en At 10:28 AM 4/8/2002 +0200, Renaud Deraison wrote:
On Sun, Apr 07, 2002 at 12:29:12PM -0400, Osborne-1, Brett wrote:There are some tools out on this - "stick" is probably the best known. I think Doug Song has some tools in this area - his site is on monkey.orgNessus 1.1.14 also implements some IDS evasion techniques described in Newsham's and Ptacek's paper. The neat thing is that it applies them to every Nessus check (on any TCP port). So you can test an IDS by doing a scan with IDS evasion off, then re-do the scan with IDS evasion on, and compare the results (which is quite interesting, because Nessus usually generates a _lot_ of signatures). For more details, see http://www.nessus.org/doc/nids.html -- Renaud -- Renaud Deraison The Nessus Project http://www.nessus.org ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
================================================================================================= Cisco SAFE - A Security Blueprint for Enterprise Networks SAFE for Enterprise, SMB, IPSec VPNs, Wireless and IP Telephony www.cisco.com/go/safe ================================================================================================= Disclaimer: These are my own personal opinions and not necessarily those of Cisco Systems. Sed quis custodiet ipsos custodes? Dario N. Ciccarone Cisco Systems Argentina, Paraguay, Uruguay y Bolivia Ing. Enrique Butty 240 Piso 17 C1001ABF, Buenos Aires , Argentina Phone/Vmail: 54-11-4341-0203 Fax: 54-11-4341-0149 dciccaro () cisco com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- IDS evasion && testing ph00dy (Apr 06)
- Re: IDS evasion && testing Marco de Vivo [UCV] (Apr 07)
- RE: IDS evasion && testing Bojan Zdrnja (Apr 08)
- RE: IDS evasion && testing ET LoWNOISE (Apr 09)
- RE: IDS evasion && testing Martin Vine (Apr 09)
- <Possible follow-ups>
- RE: IDS evasion && testing Osborne-1, Brett (Apr 07)
- Re: IDS evasion && testing Renaud Deraison (Apr 08)
- Re: IDS evasion && testing Dario N. Ciccarone (Apr 09)
- Re: IDS evasion && testing Andrea Barisani (Apr 10)
- Re: IDS evasion && testing Renaud Deraison (Apr 08)
- RE: IDS evasion && testing Hornat, Charles (Apr 09)