«
Expand/Collapse
30 items tagged "ids"
Related tags:
pytbull [+],
testing [+],
wormtrack [+],
read [+],
network ids [+],
network [+],
local area network [+],
intrusion detection systems [+],
evasion [+],
arp [+],
zetas [+],
whitepaper [+],
web interface [+],
using open source tools [+],
usa [+],
tool [+],
testing tool [+],
testing intrusion detection systems [+],
tags [+],
stefano zanero [+],
source [+],
sniffjoke [+],
slides [+],
sagan [+],
peta zetas [+],
peta [+],
patrick engebretson [+],
pal [+],
open source tools [+],
linux [+],
library [+],
kismet [+],
josh pauli [+],
inner workings [+],
grid [+],
evasion techniques [+],
department of homeland security [+],
cloud [+],
black hat [+],
authors [+],
attack [+],
Wireless [+],
Countermeasures [+],
waf [+],
socks proxy [+],
socks [+],
slovenia [+],
site [+],
shellcode [+],
sec [+],
return [+],
passwords [+],
oriented programming [+],
notch web [+],
inundator [+],
hacking [+],
email [+],
detection [+],
bypassing [+],
arrests [+],
Tools [+],
prevention system [+],
ips [+],
intrusion detection prevention [+],
ips testing [+]
-
-
18:38
»
Packet Storm Security Recent Files
Wormtrack is a network IDS that helps detect scanning worms on a local area network by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network, without having privileged access on a switch to set up a dedicated monitor port, nor does it require a constant updating of the rules engine to address new threats.
-
18:38
»
Packet Storm Security Tools
Wormtrack is a network IDS that helps detect scanning worms on a local area network by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network, without having privileged access on a switch to set up a dedicated monitor port, nor does it require a constant updating of the rules engine to address new threats.
-
18:38
»
Packet Storm Security Misc. Files
Wormtrack is a network IDS that helps detect scanning worms on a local area network by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network, without having privileged access on a switch to set up a dedicated monitor port, nor does it require a constant updating of the rules engine to address new threats.
-
-
14:30
»
Packet Storm Security Recent Files
Whitepaper called Bypassing IDS with Return Oriented Programming. It heavily discusses and shows the point of leveraging polymorphic shellcode in order to bypass detection.
-
-
10:23
»
SecDocs
Authors:
Josh Pauli Kyle Cronin Patrick Engebretson Tags:
IDS sniffer Event:
Black Hat USA 2010 Abstract: Testing Intrusion Detection Systems (IDS) to ensure the most malicious attacks are detected is a cornerstone of these systems, but there is no standardized method to execute these tests. Running live exploitations is not always a viable option – especially when the rule set isn’t finalized, and clients are often nervous about the use of “hacker tools” on their networks. Furthermore, educators struggle to teach IDS concepts as a standalone principle without teaching attack methodologies at the same time. We are releasing two artifacts to help solve these problems. First we introduce PAL, a PCAP Attack Library full of individual pre-captured attack files that can be easily replayed for IDS testing and education. This library is completely preassembled, clean, and extendable to include further additions of attacks. Our initial library is created from the findings in the Common Attack Pattern Enumeration Classification (CAPEC) from the Department of Homeland Security. Second, we introduce SprayPAL, a software tool that we’ve developed to replay the PCAP attack library files. Users can send attacks to a specific target or broadcast to an entire subnet of machines. Additional features include the ability to select individual or multiple simultaneous attacks as well as provide layer 2 and 3 packet level manipulation. We conclude by presenting a methodology for capturing attacks and adding them to the public library. Both our PCAP attack library and SprayPAL tool will be released at Black Hat 2010 to the general public.
-
10:23
»
SecDocs
Authors:
Josh Pauli Kyle Cronin Patrick Engebretson Tags:
IDS sniffer Event:
Black Hat USA 2010 Abstract: Testing Intrusion Detection Systems (IDS) to ensure the most malicious attacks are detected is a cornerstone of these systems, but there is no standardized method to execute these tests. Running live exploitations is not always a viable option – especially when the rule set isn’t finalized, and clients are often nervous about the use of “hacker tools” on their networks. Furthermore, educators struggle to teach IDS concepts as a standalone principle without teaching attack methodologies at the same time. We are releasing two artifacts to help solve these problems. First we introduce PAL, a PCAP Attack Library full of individual pre-captured attack files that can be easily replayed for IDS testing and education. This library is completely preassembled, clean, and extendable to include further additions of attacks. Our initial library is created from the findings in the Common Attack Pattern Enumeration Classification (CAPEC) from the Department of Homeland Security. Second, we introduce SprayPAL, a software tool that we’ve developed to replay the PCAP attack library files. Users can send attacks to a specific target or broadcast to an entire subnet of machines. Additional features include the ability to select individual or multiple simultaneous attacks as well as provide layer 2 and 3 packet level manipulation. We conclude by presenting a methodology for capturing attacks and adding them to the public library. Both our PCAP attack library and SprayPAL tool will be released at Black Hat 2010 to the general public.
-
-
8:15
»
Packet Storm Security Recent Files
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped into 8 testing modules.
-
8:15
»
Packet Storm Security Tools
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped into 8 testing modules.
-
8:15
»
Packet Storm Security Misc. Files
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped into 8 testing modules.
-
-
19:14
»
Packet Storm Security Recent Files
SniffJoke is middleware software for Linux that is managed by a web interface and enables connection scrambling technology, also known as sniffer evasion techniques.
-
19:14
»
Packet Storm Security Misc. Files
SniffJoke is middleware software for Linux that is managed by a web interface and enables connection scrambling technology, also known as sniffer evasion techniques.
-
-
21:08
»
Packet Storm Security Recent Files
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped into 8 testing modules.
-
21:08
»
Packet Storm Security Tools
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped into 8 testing modules.
-
21:08
»
Packet Storm Security Misc. Files
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped into 8 testing modules.
-
-
13:22
»
Packet Storm Security Recent Files
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations.The framework is shipped with about 300 tests grouped into 8 testing modules.
-
13:22
»
Packet Storm Security Tools
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations.The framework is shipped with about 300 tests grouped into 8 testing modules.
-
13:22
»
Packet Storm Security Misc. Files
pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations.The framework is shipped with about 300 tests grouped into 8 testing modules.
-
-
10:55
»
darkc0de
1000 email IDs and passwords dumped from site
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution