Re: IDS Testing Method

From: michael.li (michael.li_at_zyxel.cn)
Date: 07/26/04

  • Next message: Ravi Kumar: "Re: IDS Testing Method" 
    To: <focus-ids@securityfocus.com>
Date: Mon, 26 Jul 2004 10:13:55 +0800

    Dear All,

    Do not hesitate to visit www.nss.co.uk ,you'll find many good articles and
    test reports on FW,IDS/IPS there.

    And I'd like to recommand their test report on NetScreen IDP as your test
    lab/methodoloy blueprint.

    My 2 cents:)

    Regards,

    hoop

    ----- Original Message -----
    From: "NAVTEJ KOHLI" <tonavtejkohli@hotmail.com>
    To: <focus-ids@securityfocus.com>
    Sent: Tuesday, July 20, 2004 6:48 PM
    Subject: IDS Testing Method

    > Hi Lists,
    >
    > I'm trying to find out ways of testing different IDS systems. Is there any
    > way, recommended'/best practice methodology for testing Network based IDS
    > (NIDS)
    > ?
    > It would be very nice of you if anyone can give me some technical hints.
    > Any information - papers, tools, links and own experience are much
    > appreciated.
    >
    > Hoping for a reply soon from your side.
    >
    > Regards,
    >
    > NAVTEJ KOHLI
    >
    > _________________________________________________________________
    > MSN 8 with e-mail virus protection service: 2 months FREE*
    > http://join.msn.com/?page=features/virus
    >
    >
    > --------------------------------------------------------------------------
    > Test Your IDS
    >
    > Is your IDS deployed correctly?
    > Find out quickly and easily by testing it with real-world attacks from
    CORE
    > IMPACT.
    > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
    to learn more.
    > --------------------------------------------------------------------------
    >

    --------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from CORE
    IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
    --------------------------------------------------------------------------

  • Next message: Ravi Kumar: "Re: IDS Testing Method"

    Relevant Pages

    • RE: interesting paper on testing sig-based IDS
      ... to evasion (the actual evasion techniques are not ... interesting paper on testing sig-based IDS ... The mutation engine applies one or more mutant operators to ... > Find out quickly and easily by testing it with real-world attacks from ...
      (Focus-IDS)
    • RE: IDS alerts / second - Correlation - Virtualization
      ... any IPS has to do IDS first. ... >assumes that your server is vulnerable against xyz and blocks it. ... >with real-world attacks from CORE IMPACT. ...
      (Focus-IDS)
    • RE: IDS event filtering
      ... The trick with IDS and SIM is to find an approach, ... Filtering is not only about yes and no, ... My experience shows that management report should include also a summary ... > Find out quickly and easily by testing it with real-world attacks from ...
      (Focus-IDS)
    • RE: Hi, I want to study IPS
      ... I think testing with dataset from place like Lincoln labs is still useful ... you will need data from real networks to test ... The lab data also will not provide any real test for an IDS beyond very ... Find out quickly and easily by testing it with real-world attacks from CORE ...
      (Focus-IDS)
    • Re: Firewalls (was Re: IDS evaluations procedures)
      ... aims of security vendors over the last few years has been minimising ... One of the reasons that the reputation of IDS suffered (and maybe why ... I suggest we drop IPS from the nomenclature. ... > with real-world attacks from CORE IMPACT. ...
      (Focus-IDS)