Re: IDS evasion && testing

• Previous message: Siebenkaes Stefan: "documentation/snapshot tool for pentest"
• In reply to: ph00dy: "IDS evasion && testing"
• Next in thread: Osborne-1, Brett: "RE: IDS evasion && testing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 6 Apr 2002 15:59:36 -0400
To: pen-test@securityfocus.com
From: "Marco de Vivo [UCV]" <mdevivo@reacciun.ve>

Hi ph00dy,

Try this excellent paper:

'Insertion, Evasion, and Denial of Service: Eluding Network Intrusion
Detection'
by

Thomas H. Ptacek
tqbf@securenetworks.com

Timothy N. Newsham
newsham@securenetworks.com

Secure Networks, Inc.
January, 1998

Paper's URL:

http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html

Marco

//////////////////////////////////////////////////////////////////

At 5:22 pm -0500 4/4/02, you wrote:
->Hey *,
-> I am looking for good information on defeating/testing NIDS. I have
->tryed some "alert overflowing", and sending some attacks/scans very slowly
->to see what the results are, but I imagine there is someone who has done
->more of this sort of testing that knows something I don't. Any experience,
->Ideas, papers etc.. would be helpful.
->
->
->Thanks..
-> ph00dy
->
->
->
->
->----------------------------------------------------------------------------
->This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
->Service. For more information on SecurityFocus' SIA service which
->automatically alerts you to the latest security vulnerabilities please see:
->https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Previous message: Siebenkaes Stefan: "documentation/snapshot tool for pentest"
• In reply to: ph00dy: "IDS evasion && testing"
• Next in thread: Osborne-1, Brett: "RE: IDS evasion && testing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: faster scans? (nmap) ... one host using nmap for syn scans in burst mode with the ... >>>This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) Re: pen test help please asap ... > Machine A on client site makes a configurable encrypted OUTBOUND ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) Re: ettercap help ... Anyways have never tried Ettercap for VNC. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) RE: CFM SQL injection ... You should better use union or alike get unauthorized data from the ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) Re: ettercap help ... > I can get it to sniff telnet, ftp, pop, smb, but no vnc. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint