A Carafe of Ubuntu
Hi ,
I need to do a pentest on a Microsoft IIS webserver to test the efficiency of the HIPS i have installed on ...
any suggestions concerning tools or methods to simulate attacks so that i can check if the HIPS will detect them ?
also , any suggestions of good HIPS out there ?
Thanks
Gee! These Aren't Roasted!
start here - http://www.backtrack-linux.org/
I also find this site a good resource
http://www.darknet.org.uk/
you may also wanna look at this link to a microsoft product
|AMD Phenom II X4 955|8Gb ddr3 1333|GTS250 1Gb|
Teeth cut on Redhat, Moved to Debian, Loving Ubuntu.
A Carafe of Ubuntu
Originally Posted by BbUiDgZ
Hi ,
thanks for your reply
i already use backtrack for 2 years now
and also am familiar with MBSA
the thing is i need an attack that probably all HIPS would detect ... just to make sure that the one i have installed is running well ...
also i need a good HIPS for an IIS server (other than snort cause i need one installable on windows)
any suggestions ?
Walking moon
Snort will run on Windows.
This kind of activity is gray hat stuff at best and is not really supported on these forums.
First you are asking about a windows server -> we would ask you to ask for windows support on a windows forums.
Second you are not asking for support on getting any particular application running, you are asking for cracking tools. Honestly I am not sure what is included in Backtrack, but I would be surprised if it did not have tools.
If nothing else , port scan your server, a port scan is easy to perform and should, IMO, be detected.
Otherwise Google search your question
There are two mistakes one can make along the road to truth...not going all the way, and not starting.
--Prince Gautama Siddharta
#ubuntuforums web interface
A Carafe of Ubuntu
actually this is why im asking ... i port scanned the server using ubuntu .Snort will run on Windows.
This kind of activity is gray hat stuff at best and is not really supported on these forums.
First you are asking about a windows server -> we would ask you to ask for windows support on a windows forums.
Second you are not asking for support on getting any particular application running, you are asking for cracking tools. Honestly I am not sure what is included in Backtrack, but I would be surprised if it did not have tools.
If nothing else , port scan your server, a port scan is easy to perform and should, IMO, be detected.
Otherwise Google search your question
i got results and hardened some configs and the results im getting now are ok .
but my made me curious is that the HIPS did not pick up the port scan ! not even as probe !
this is why i was asking what kind of simulation all HIPS detect ...
Posting Permissions
Adv Reply
Bookmarks