Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: RE: IDS evasion && testing

RE: IDS evasion && testing

From: ET LoWNOISE <et_at_cyberspace.org>
Date: Mon, 8 Apr 2002 15:11:22 -0400 (EDT)

Some time ago i did a simple program to do NIDS evasion when pentesting
a web server. Basically is a proxy using extended anti-IDS tactics
taken from whisker and other ones. If you want nice results just combine
 various tactics at the same time.

You can download it hfrom here:
Mutatev2
http://www.dvc.es/osstmm/files/mutate2.tgz

if y are working with nBoF remote exploits try using ADMmutate

bye

ET LoWNOISE
et_at_cyberspace.org

On Mon, 8 Apr 2002, Bojan Zdrnja wrote:

> I'd also recommend you to read RFP's very good paper: A look at whisker's
> anti-IDS tactics.
>
> You can find it on his site,
> http://www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html
>
> Best regards,
>
> Bojan Zdrnja
>
> > -----Original Message-----
> > From: ph00dy [mailto:ph00dy_at_covesoft.net]
> > Sent: 5. travanj 2002 0:23
> > To: pen-test_at_securityfocus.com
> > Subject: IDS evasion && testing
> >
> >
> > Hey *,
> > I am looking for good information on defeating/testing NIDS. I have
> > tryed some "alert overflowing", and sending some
> > attacks/scans very slowly
> > to see what the results are, but I imagine there is someone
> > who has done
> > more of this sort of testing that knows something I don't.
> > Any experience,
> > Ideas, papers etc.. would be helpful.
> >
> >
> > Thanks..
> > ph00dy
> >
> >
> >
> >
> > --------------------------------------------------------------
> > --------------
> > This list is provided by the SecurityFocus Security
> > Intelligence Alert (SIA)
> > Service. For more information on SecurityFocus' SIA service which
> > automatically alerts you to the latest security
> > vulnerabilities please see:
> > https://alerts.securityfocus.com/
> >
> >
>
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
>
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Apr 09 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]