Readers' challenge

Throughout this chapter, we have identified a number of methods for setting up Intrusion Detection and Prevention Systems on our networks and for attempting to evade them. Your challenge is as follows:

  • Using the techniques we discussed in this chapter, expand on the Security Onion deployment, experiment with different policy settings, and see what you can bypass without being detected. Be sure to document the task so that you can maintain it for future reference.
  • Download the Symantec Endpoint Protection tool, set it up on your range, and explore the Network IPS capability and the host-based protections that are offered. Once you have explored it, experiment with the different techniques to obfuscate and attempt to bypass detection. To assist you in this, you can refer to the Veil framework at https://www.veil-framework.com/; an example of the website is shown in the following screenshot:
    [Screenshot: the Veil framework website]

This challenge will allow you to practice the evasion methods and gain valuable experience in setting up the IDS and IPS architectures for our penetration testing ranges.
