Resources

 

We analyze, design and implement IPS solutions for medium to large enterprise, and provide consultancy, project management and implementation.

 

  IPS Testing Tools

 

Tomahawk 

Ever wanted to know how effective a network-based intrusion prevention system (IPS) appliance? Tippingpoint is first to make an open source IPS testing tool called Tomahawk, it is freely available for testing any IPS or IDS.

Download Here 

 

 
 

  Online IPS Testing

 

Below are some online IPS Testing tools available freely for testing any IPS or IDS. Note: CNT is not liable for any damage these tests may cause to your system. Please read and accept the Disclaimer before clicking on any “Try Here” link. 

·          Proof of Concept for IE Frame Tag Name Parameter Exploit.

An exploitable buffer overflow has been found in Internet Explorer allowing a remote attacker to cause it to execute arbitrary code by overflowing the parameters provided by the IFRAME HTML tag. 

Vulnerable Software: WinXP, WinXP SP1, WinNT, Win2k SP3/4

Ref: Microsoft Security Bulletin MS04-040

  Try Here

·          Proof of Concept exploit for Windows HTML Help ActiveX Control Script Injection

Windows HTML Help control (hhctrl.ocx) is an ActiveX control that enable an attacker to inject and run scripts through a malicious webpage.

Vulnerable Software: WinXP, WinXP SP1/2, Win2k SP2/3/4, Win2003

Ref: Microsoft Security Bulletin MS05-001

Try Here

·          Proof of Concept exploit for Malicious Mozilla Plugin config Access

A specially crafted Macromedia Shockwave plugin can access a user’s Mozilla browser preferences via the special “about:config” configuration page. If exploited, the operator of a malicious website could deliver and silently execute code.

Vulnerable Software: prior Mozilla 1.7.6 and Firefox 1.0.1

Ref: CAN-2005-0527

  Try Here

·          Proof of Concept exploit for IE site Spoofing Malicious Link

IE contains a flaw in processing URLs for display in the address bar and status bar. The vulnerability is caused due to an input validation error, which can be exploited by including “%01” and “%00” URL encoded representations after the username and right before the “@” character in an URL.

Vulnerable Software: IE 5, IE 5.5 and IE 6

Ref: CAN-2004-1025

  Try Here

·          Proof of Concept exploit for Cross Site Scripting in Query String

This filter detects general cross site scripting attempts where a web client sends scripts code to the server embedded in the HTTP query string.

Try Here

·          Proof of Concept exploit for JPEG Image Processing  Buffer Overflow

Malicious JPEG image which have specially crafted “comment” section, may lead to a denial-of-service or a buffer overflow in some Microsoft applications.

Vulnerable Software: Win XP, Win XP SP1, Win2003, Win Office XP/2003

Ref: Microsoft Security Bulletin MS04-028

  Try Here

·          Proof of Concept exploit for IE File Extension Spoofing Vulnerability

Internet Explorer can be tricked into opening a file, with a different application than indicated by the file extension. This can be done by embediing a CLSID in the file name. This could be exploited to trick users into opeing “trusted” file types which are in fact malicious files.

Vulnerable Software: IE 6.0

  Try Here

·           Proof of Concept for BitTorrent P2P application blocking.

BitTorrent (BT) is a very popular P2P application, with BT files are broken into smaller fragments typically a quarter of megabyte each. As the fragments get distributed to the peers, they can be reassembled on a requesting machine in a random order. This demonstration shows the blocking of BitTorrent torrent file download.

Try Here

·          Proof of Concept for Spyware installation. 

This demonstration shows the blocking of “Drive by Download” spyware installation. Gozilla is a Download Manager that is available at Gozilla.com website. However even before downloading the application, just a visit to the website pops up a very deceptive “security warning”. The message prompts the user to “install and run AT-games with free online games to your favorite folder plus desktop icons with cool offers”. Depending on browser security setting, the message may or may not display. If user innocently clicks “Yes” or if IE browser’s security settings are not set correctly a dozen of different spyware packages will be installed on the host.

Test Link: http://www.gozilla.com
 

HOME   |    PRODUCTS   |    DOWNLOADS   |    RESOURCES   |    COMPANY

  Highlight

We are the premier partner for Tippingpoint’s IPS products in Singapore

 

 

We provide professional services in configuration, deployment and training for the products.

Please contact us to find a solution that best suits your needs.
 

 

Looking for an effective solution for your IT needs? Contact us now! Our consultants will be pleased to assist you.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Sitemap

Copyright ©2006 Cohesion Network Technologies Pte Ltd. All rights reserved.