Message-ID: <40B86564.1040709@greyhat.de>
From: Oliver at greyhat.de (Oliver@...yhat.de)
Subject: Pentesting an IDP-System

ph03n1x wrote:

>Hello
>
>I'm kinda new to this list and this is my first post so be nice to me :)
>
>Well I got an Intrusion Detection and Prevention System from a quite
>famous company which they lend me for betatesting. I already compiled a
>few exploits to test and it detected them quite reliably. (Didn't detect
>the exploit but detected the shellcode)
>
>Do you guys have an idea how I could test it more efficiently, is there
>some software that automatically tries to attack with a bunch of the
>most common and new exploits so I don't have to do it manually?
>Preferably some GPL or other "free" stuff since I don't have a budget for
>this.
>
>What are the must criteria for an IDP? Would appreciate any links or
>papers.
>
>
>thx for tips
>
>ph

There is a tool called IDS Informer, but I never used it.
Fragrouter can be used for some fragmentation tests.

Maybe you can use IP fragmentation to overwrite the destination port of
the TCP header. This might help to fool some IDS systems using PAD
(protocol anomaly detection), which determines the protocol by reading
the destport.

/Oliver
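
The defender's side of the fragmentation issue raised in the reply above, as an added example that is not part of the original post: a check an IDP reassembler can apply, flagging fragments of one datagram that disagree on bytes they both cover, and noting when the TCP destination port is among them. The fragment record layout, helper names, addresses and sample values are constructed for illustration.

```python
import struct
from collections import defaultdict

TCP = 6  # IP protocol number

def find_fragment_overlaps(fragments):
    """Flag fragments that re-send already-seen bytes with different values.

    Each fragment is a dict: src, dst, ip_id, proto, offset (bytes), data.
    """
    seen = defaultdict(dict)  # datagram key -> {byte position: first value seen}
    findings = []
    for frag in fragments:
        key = (frag["src"], frag["dst"], frag["ip_id"], frag["proto"])
        first_values = seen[key]
        conflicts = []
        for i, value in enumerate(frag["data"]):
            pos = frag["offset"] + i
            if first_values.setdefault(pos, value) != value:
                conflicts.append(pos)
        if conflicts:
            findings.append({
                "key": key,
                "conflicting_bytes": conflicts,
                # TCP destination port occupies bytes 2-3 of the transport header
                "rewrites_dst_port": frag["proto"] == TCP
                                     and any(p in (2, 3) for p in conflicts),
            })
    return findings

def _frag(ip_id, offset, data):
    # Constructed sample record; addresses are documentation ranges.
    return {"src": "192.0.2.10", "dst": "198.51.100.5", "ip_id": ip_id,
            "proto": TCP, "offset": offset, "data": data}

def _tcp_start(sport, dport):
    return struct.pack("!HHI", sport, dport, 1)  # ports + sequence number

# Constructed input: datagram 1 is clean; datagram 2 has two fragments that
# both cover offset 0 but disagree on the destination port.
SAMPLE = [
    _frag(1, 0, _tcp_start(40000, 80)),
    _frag(1, 8, bytes(8)),
    _frag(2, 0, _tcp_start(40001, 80)),
    _frag(2, 0, _tcp_start(40001, 25)),
]

if __name__ == "__main__":
    for finding in find_fragment_overlaps(SAMPLE):
        print(finding)
```

A sensor cannot know which copy of the conflicting bytes the destination host will keep, so a finding like this is a reason to drop or alert on the datagram rather than to pick one interpretation.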