RE: IDS Testing

From: Estis, Kevin A. (KEVIN.A.ESTIS@saic.com)
Date: 10/26/01

Previous message: Johannes B. Ullrich: "Re: IDS Testing"
Maybe in reply to: Mike Barrimore: "IDS Testing"
Next in thread: Dragos Ruiu: "RE: IDS Testing"
Reply: Dragos Ruiu: "RE: IDS Testing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-Id: <881CC7991757D51196CF00508BCFE59143E365@mcl-its-exs03.mail.saic.com>
From: "Estis, Kevin A." <KEVIN.A.ESTIS@saic.com>
To: 'Mike Barrimore' <mikeybarrimore@hotmail.com>, focus-ids@securityfocus.com
Subject: RE: IDS Testing 
Date: Fri, 26 Oct 2001 09:01:21 -0400

Other than Nessus, which has already been mentioned, another good tool is
Shadow Security Scanner. It includes DoS attacks along with the normal http,
cgi, etc. vulnerability tests and has a easy GUI.

Depending on your exact business situation you may, as Mr. Getchell
recommended, wish to have a third party perform a vulnerability/penetration
test on your system. Third party tests are usually seen by management to be
more objective than internal tests. It also helps you fix things before an
internal auditor finds them.

Regardless, functional security testing should always be performed at
regular intervals and any time a major system change occurs. So even if you
don't need a third party test, *someone* should do it.

Here's one decent link: http://www.insecure.org/tools.html . If you can't
find Shadow Security Scanner let me know and I'll send it to you.

Regards,

Kevin

PS. I *am* affiliated with a penetration testing firm. =)

-----Original Message-----
From: Mike Barrimore [mailto:mikeybarrimore@hotmail.com]
Sent: Thursday, October 25, 2001 4:17 PM
To: focus-ids@securityfocus.com
Subject: IDS Testing

Hi,

I have been running network ids for a while now and I keep getting asked the

question by my boss, more recently after the 11th Sept, how do you know that

it is working as it should be. Other than downloading all of the attacks and

running them I'm not really sure.

Is there any easy to run apps that anyone can recommend? I just need to
prove that it is doing what we think it is doing.

Mikey

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

Previous message: Johannes B. Ullrich: "Re: IDS Testing"
Maybe in reply to: Mike Barrimore: "IDS Testing"
Next in thread: Dragos Ruiu: "RE: IDS Testing"
Reply: Dragos Ruiu: "RE: IDS Testing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: IDS Testing
... Mr. Bailey and the inimitable, Pokemon-crazed, Cazz (Well, no, he's ... In the words of Mitre's Don Bailey: ... Third party tests are usually seen by management to be ... > Subject: IDS Testing ...
(Focus-IDS)
RE: IDS Testing
... Subject: IDS Testing ... >> find Shadow Security Scanner let me know and I'll send it to you. ... >> I have been running network ids for a while now and I keep getting asked ... Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp ...
(Focus-IDS)