Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] Pentesting an IDP-System

from [Darren Bounds] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] Pentesting an IDP-System
Date: Sat, 29 May 2004 18:44:05 -0400
I recently completed a 60 day evaluation of several public and beta NIPS releases from Radware, ISS, TippingPoint and TopLayer. The methodology I used was based on that of NSS earlier this year.

See the following link for more information: http://www.nss.co.uk/download_form.htm


Thank you,

Darren Bounds, CISSP

443D 628D 0AC7 CACF 6085
C0E0 B2FC 534B 3D9E 69AF

--
Intrusense - Securing Business As Usual


On May 29, 2004, at 7:03 AM, ph03n1x wrote:

Hello

I'm kinda new to this list and this is my first post so be nice to me :)

Well I got an Intrusion Detection and Prevention System from a quite
famous company which they lend me for betatesting. I already compiled a
few exploits to test and it detected them quite reliable. (Didnt detect
the exploit but detected the shellcode)

Do you guys have an idea how i could test it more efficiently, is there
some software that automatically tries to attack with a bunch of the
most common and new exploits so i dont have to do it manually?
Preferably some GPL or other "free" stuff since i dont have a budget for
this.

What are the must criterias for an IDP would appreciate any links or
papers.


thx for tips

ph

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-Disclosure] [SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability, debian-security-announce
Next by Date:  [Full-Disclosure] Re: EnderUNIX Security Anouncement (Isoqlog and Spamguard), Aycan iRiCAN
Previous by Thread:  Re: [Full-Disclosure] Pentesting an IDP-System, Cedric Blancher
Next by Thread:  Re: [Full-Disclosure] Pentesting an IDP-System, ph03n1x
Indexes:  [Date] [Thread] [Top] [All Lists]