Focus on IDS
IDS-Testing tools Jul 22 2010 12:11PM
info cotorodas com (5 replies)
Re: IDS-Testing tools Aug 03 2010 12:05PM
Teemu T. Schaabl (teemu lynix net) (1 replies)
Re: IDS-Testing tools Aug 04 2010 09:22PM
Fred Concklin (fredconcklin gmail com)
Re: IDS-Testing tools Jul 23 2010 05:01PM
Todd Haverkos (infosec haverkos com)
Re: IDS-Testing tools Jul 22 2010 07:46PM
dave (dave immunityinc com)
Re: IDS-Testing tools Jul 22 2010 05:56PM
Jeremy Bennett (jeremyfb mac com)
IDS or IPS?

Either way correctly testing either is a time consuming and expensive process. Time consuming because the set of needed tests is huge (all known exploits?), large samples of clean traffic? etc. Expensive because you must confirm that each exploit or test you run is an accurate test. Example, you are not actually testing whether an IPS is blocking an exploit unless you first run the exploit against a vulnerable target and see it get compromised.

My recommendation is to focus on higher level tests that are more meaningful to you.
* Is the UI usable for your operators? Too simple, too complicated?
* Does the IDS/IPS correctly pass your clean traffic without a huge amount of alerts?
* Is the performance in your network acceptable?

For testing of the detection or blocking capabilities I would rely on reports from companies like NSS Labs. They do an excellent job of doing the time consuming and expensive tests. Also, don't just look at one report but look at a series. Is the product you are looking at consistently well rated or do they go up and down in the ratings? Can you rely on their signature team to release new signatures in a timely manner? Will the company be around in 5 years?

-J

On Jul 22, 2010, at 5:11 AM, info (at) cotorodas (dot) com [email concealed] wrote:

> Has anyone any ideas of good and small testings tools for IDS?
> I have to test a IDS-System and I am looking for a small programm which is able to test all kind of possible Intrusions.
> Thanks for your help.
>
> -----------------------------------------------------------------
> Securing Your Online Data Transfer with SSL.
> A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
> http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a
17f194
>
>

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a
17f194

[ reply ]
Re: IDS-Testing tools Jul 22 2010 04:35PM
Federico Maggi (federico maggi gmail com) (1 replies)
AW: IDS-Testing tools Jul 22 2010 05:09PM
Christiane Coto Rodas (info cotorodas com)


 

Privacy Statement
Copyright 2010, SecurityFocus