No announcement yet.

IDS - Testing The Device

  • Filter
  • Time
  • Show
Clear All
new posts

  • IDS - Testing The Device

    When testing the capabilities of an IDS some general steps can be used as a guideline

    Common steps are
    • Disable trusted hosts.
    • Attempt an insertion attack.
    • Implement evasion techniques.
    • Perform a DoS attack.
    • Use code obfuscation.
    • Perform a Crying Wolf attack
    • Attempt a Unicode attack.
    • Perform a fragmentation attack.

    Even though most attacks may not work it is important to keep notes on the result of how each device respond so that when the test is complete you will have a fairly complete set of data to analyze. This will aid you in getting an overview of the target environment or possible vulnerabilities present.
    Certified Security Geek