
| Subject: | RE: IDS/IPS testing methodology |
|---|---|
| Date: | Tue, 12 Oct 2004 13:49:32 -0300 |

To get a better picture of how you can do this setup, it would be great if you could describe your network topology. Or, if you're building a test environment, putting the IPS behind a firewall, and before it, is the best way to see the variations of an already filtered attack (firewall level 1 wall) and the unfiltered signatures of attacks (a ton of logging).

We've got a Proventia M50 series behind a set of PIX firewalls in the DMZ, and the logging is very poor; in the final report the numbers don't reflect anything. So we put a G200 before the firewalls, to get a real view of the impact of the unfiltered attacks, and to show big numbers (more real) to the client ;).

Cheers

Leandro Reox
Security Operation Center
Impsat Argentina.

-----Original Message-----
From: hakked@yahoo.com [mailto:hakked@yahoo.com]
Sent: Saturday, 09 October 2004 06:41 p.m.
To: focus-ids@securityfocus.com
Subject: IDS/IPS testing methodology

New to the IPS arena and am looking for a documented standard or method for testing IPS technologies in parallel. Have a suite of test tools (nessus, IDS Reformer, metasploit, etc.), and we are able to test the NIDS tools fairly well off a hub; however, I'm now concentrating on how to set up the network to be able to test the IPSs in parallel at the same time. This will be an ongoing research project.

-j