In this article series I will describe active and passive OS fingerprinting, the concepts that make them plausible, and go through some examples of how to do this in a manual and automated fashion...
This article discusses network traffic inspection, specifically Microsoft’s Network Inspection System (NIS) that is now found in both TMG firewall and Microsoft Security Essentials. NIS provides an exceptional level of security for networks that contain Windows servers and client systems...
This article deals with the available resources that help us take informed decisions about unknown systems that are communicating with our network...
This two-part article discusses techniques for collecting publicly available information on obscure IP addresses and domain names that pop up anomalously on your network...
More advanced fragrouter options to attempt IDS evasion...
Packet fragmentation and how it can affect the IDS...
A look at how Snort views a tool called Cain & Abel...
The first part of this article series looked at how an IDS could possibly detect certain security tools. It covered a packet sniffer and a network scanner. This article continues with the analysis...
This article series revisits the article series called “Tools of the Trade”. This time, however, the tools will be looked at from the IDS’s perspective...
In this article we will look at ways of discovering system compromises based on outgoing IDS signatures...