Does this web server support https? If so, you can probably blow right past a network IPS by running all your tests through sslproxy or something like that. Of course, if you're 'evaluating' the IPS for a possible purchase, I think they're all gonna show up exactly the same.
It's probably not fair to throw out the whole concept just 'cuz it's possible to get traffic through that it doesn't detect but, when they market their IPS with a 'silver bullet approach', then I think it's fair to bring up some serious issues. An IDS or IPS certainly has value but it seems that the people pushing IPS make it sound like their box will solve all your problems. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Sent: Thursday, January 08, 2004 6:29 AM To: [EMAIL PROTECTED] Subject: CGI abuses: preferences how to Hi List, Currenlty I am in process of evaluating various IPS products available. My set up will look like this: Nessus ---- IPS ----Internal network IPS box protects the LAN of internal machine and Nessus will be run in external machine to IPS. I would like to use NIDS evasion techniques of Nessus. For which I know that I have to set preferences in Nessus client and select the related family of plugins . Firt, I could not find any options for LibWhisker, is there any tool to be downloaded? For your information I am using latest Nessus version-2.0.9 Some one describe taking a example of CGI abuses , how you add NIDS evasion techniques to this family. Is there any thing else that to be run in internal machine to support like any webservers etc., Thanks in advance, -Ravi _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
