Re: stateful attacks for hostbased NIDS
From: Colonel Flagg (colonel_flagg_at_NOSOUPFORJ00internetwarzone.org)
Date: 05/23/03
- Next message: Trev: "Wake On LAN"
- Previous message: Colonel Flagg: "Re: Wake On LAN"
- In reply to: Franz Bacher: "stateful attacks for hostbased NIDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 22 May 2003 23:07:59 -0400
In article <b5bza.11437$AS6.153739@news.chello.at>, franz.bacher@a1.net
says...
> Hi!
>
> I got to implement NIDS functionality into the lwip [1] tcp/ip stack for a
> host based system.
> Therefore i would need some well known attacks that can be matched by a
> statefull inspection (e.g. syn flooding). The name of the attack would be
> sufficient to get more information from google.
>
> Thanks for help!
>
> [1] www.sics.se/~adam/lwip/
>
> --
> Franz Bacher
> Student of Telecommunication & Computer Science
> @ Graz University of Technology
> e-Mail: franz.bacher@a1.net
>
>
>
>
nessus and satan are a couple examples of scanners that test for
exploits that will simulate different attack scenarios.
I believe nmap should set off several alerts, depending on the switches
used. nt users may be a bit more inclined to use the gui version (blech)
;p
-- Colonel Flagg http://www.internetwarzone.org/ Privacy at a click: http://www.cotse.net Wanna ask a question in Usenet? http://www.tuxedo.org/~esr/faqs/smart-questions.html Everything about Usenet answered: http://www.internetwarzone.org/answers.html America WILL NOT forget 9-11-01
- Next message: Trev: "Wake On LAN"
- Previous message: Colonel Flagg: "Re: Wake On LAN"
- In reply to: Franz Bacher: "stateful attacks for hostbased NIDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
