On Sun, Apr 07, 2002 at 12:29:12PM -0400, Osborne-1, Brett wrote: > There are some tools out on this - "stick" is probably the best known. > I think Doug Song has some tools in this area - his site is on monkey.org
Nessus 1.1.14 also implements some IDS evasion techniques described in Newsham's and Ptacek's paper. The neat thing is that it applies them to every Nessus check (on any TCP port). So you can test an IDS by doing a scan with IDS evasion off, then re-do the scan with IDS evasion on, and compare the results (which is quite interesting, because Nessus usually generates a _lot_ of signatures). For more details, see http://www.nessus.org/doc/nids.html -- Renaud -- Renaud Deraison The Nessus Project http://www.nessus.org ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
