Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

honeypots logo Honeypots mailing list archives

Honeypot / Nessus help
From: "Jeremy Hyland" <hylandj () u washington edu>
Date: Fri, 24 Sep 2004 19:29:19 -0700
Nessus has got to be the best network vulnerability scanner available, but
you need to remember it was never designed to be a stealth tool. Most of its
attacks and scans are really in your face - like smacking your server with a
baseball bat. Your IDS would have to be really, really bad to miss it.
However there are some IDS evasion features you can turn on:

 

http://www.nessus.org/doc/nids.html

 

I'd suggest some creative netcat, hping, and nmap work to determine how good
that IDS really is.

 

-Jeremy

 

 

On Fri, 24 Sep 2004 12:09:56 -0700, Robert McMahon <bob () intoto com> wrote:


Hi,







I'm trying to evaluate an Intrusion Detection/Prevention product which



advertises support for thousands of signatures.







I'm thinking of using Nessus and a honeypot to exercise the product.



I'm new to the tools/technology and was wondering if anybody has opinions



on if these are the right tools?  Also, should I use honeyd or some



other honeypot?  (My initial look at honeyd suggests it is a bit



premature, but like I said, I'm a newbie.)







Thanks in advance for any help and tips,







Bob McMahon



Application Engineer



Intoto Inc.



bob () intoto com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]