Snort IDS Ability to Detect Nmap and Metasploit Framework Evasion Techniques |
Detecting exploit and port scan disguised by evasion technique is a challenge for IDS. This research examines the evasion technique provided by Nmap, a port scanner and Metasploit Framework, an exploit launcher against a famous IDS named Snort. The result tends to prove that Snort has the ability to detect port scan and exploit on condition to have a good configuration of Snort and signature for the exploit.
Jammes Z, Papadaki M