Betting Sites Not On Gamstop UK 2025Betting Sites Not On GamstopCasino Not On GamstopBest Casinos Not On GamstopNon Gamstop Casinos UK

NSS Group logo

Test Results

Please note that the individual test results are not available on-line for this report.

If you wish to read these, they are available in the complete report, which is only available to purchase from our on-line store.

The report is offered as a spiral-bound print version, or as a PDF file on CD or for immediate download.

Click here to visit our on-line store.

Click here to return to the Gigabit IDS Index Section

Top�������� Home

Certification Programs

Group Test Reports

White Papers

On-Line Store

Contact The NSS Group

Home

Sample Test Results

Section 1 - Detection Engine

Test 1.1 - Attack Recognition

Attacks

Default
ARR

Custom
ARR

Test 1.1.1 - Backdoors

Test 1.1.2 - WINS/DNS

Test 1.1.3 - DOS

Test 1.1.4 - False negatives (modified exploits)

Test 1.1.5 - Finger

Test 1.1.6 - FTP

Test 1.1.7 - HTTP

Test 1.1.8 - ICMP

Test 1.1.9 - Reconnaissance

Test 1.1.10 - RPC

Test 1.1.11 - SSH

Test 1.1.12 - Telnet

Test 1.1.13 - Database

Test 1.1.14 - Mail

Test 1.1.15 - Voice

Total

Test 1.2 - Resistance to False Positives

Default

Custom

Test 1.2.1 - Suspicious FTP traffic

Test 1.2.2 - HTTP “exploit” using incorrect method

Test 1.2.3 - Retrieval of Web page containing “suspicious” URLs

Test 1.2.4 - Simple SMTP QUIT command

Test 1.2.5 - Normal NetBIOS copy of “suspicious” files

Test 1.2.6 - Normal NetBIOS traffic

Test 1.2.7 - POP3 e-mail containing “suspicious” URLs

Test 1.2.8 - POP3 e-mail with “suspicious” DLL attachment

Test 1.2.9 - POP3 e-mail with “suspicious” Web page attachment

Test 1.2.10 - SMTP e-mail transfer containing “suspicious” URLs

Test 1.2.11 - SMTP e-mail transfer with “suspicious” DLL attachment

Test 1.2.12 - SMTP e-mail transfer with “suspicious” Web page attachment

Test 1.2.13 - SNMP V3 packet with invalid parameter

Test 1.2.14 - Fake DNS /bin/sh buffer overflow

Test 1.2.15 - Inter-firewall communication traffic

Test 1.2.16 - Fake SQL Slammer traffic

Test 1.2.17 - File copy of GIF file (contains bytes which look like NOP sled)

Total Passed

Section 2 - IPS Evasion

Test 2.1 - Evasion Baselines

Detected?

Test 2.1.1 - NSS Back Orifice ping

Test 2.1.2 - Back Orifice connection

Test 2.1.3 - FTP CWD root

Test 2.1.4 - ISAPI printer overflow

Test 2.1.5 - Showmount export lists

Test 2.1.6 - Test CGI probe (/cgi-bin/test-cgi)

Test 2.1.7 - PHF remote command execution

Total

Test 2.2 - Packet Fragmentation/Stream Segmentation

Detected?

Decoded?

Test 2.2.1 - IP fragmentation - ordered 8 byte fragments

Test 2.2.2 - IP fragmentation - ordered 24 byte fragments

Test 2.2.3 - IP fragmentation - out of order 8 byte fragments

Test 2.2.4 - IP fragmentation - ordered 8 byte fragments, duplicate last packet


Test 2.2.5 - IP fragmentation - out of order 8 byte fragments, duplicate last packet


Test 2.2.6 - IP fragmentation - ordered 8 byte fragments, reorder fragments in reverse

Test 2.2.7 - IP fragmentation - ordered 16 byte fragments, fragment overlap (favour new)

Test 2.2.8 - IP fragmentation - ordered 16 byte fragments, fragment overlap (favour old)

Test 2.2.9 - TCP segmentation - ordered 1 byte segments, interleaved duplicate segments with invalid TCP checksums

Test 2.2.10 - TCP segmentation - ordered 1 byte segments, interleaved duplicate segments with null TCP control flags

Test 2.2.11 - TCP segmentation - ordered 1 byte segments, interleaved duplicate segments with requests to resync sequence nos. mid-stream

Test 2.2.12 - TCP segmentation - ordered 1 byte segments, duplicate last packet

Test 2.2.13 - TCP segmentation - ordered 2 byte segments, segment overlap (favour new)

Test 2.2.14 - TCP segmentation - ordered 1 byte segments, interleaved duplicate segments with out-of-window sequence numbers

Test 2.2.15 - TCP segmentation - out of order 1 byte segments

Test 2.2.16 - TCP segmentation - out of order 1 byte segments, interleaved duplicate segments with faked retransmits

Test 2.2.17 - TCP segmentation - ordered 1 byte segments, segment overlap (favour new)

Test 2.2.18 - TCP segmentation - out of order 1 byte segments, PAWS elimination (interleaved dup segments with older TCP timestamp options)

Test 2.2.19 - IP fragmentation - out of order 8 byte fragments, interleaved duplicate packets scheduled for later delivery

Test 2.2.20 - TCP segmentation - ordered 16 byte segments, segment overlap (favour new (Unix))

Total


Test 2.3 - URL Obfuscation

Detected?

Decoded?

Test 2.3.1 - URL encoding

Test 2.3.2 - /./ directory insertion

Test 2.3.3 - Premature URL ending

Test 2.3.4 - Long URL

Test 2.3.5 - Fake parameter

Test 2.3.6 - TAB separation

Test 2.3.7 - Case sensitivity

Test 2.3.8 - Windows \ delimiter

Test 2.3.9 - Session splicing

Total

Test 2.4 - Miscellaneous Obfuscation Techniques

Detected?

Decoded?

Test 2.4.1 - Altering default ports

Test 2.4.2 - Inserting spaces in FTP command lines

Test 2.4.3 - Inserting non-text Telnet opcodes in FTP data stream

Test 2.4.4 - Polymorphic mutation (ADMmutate)

Test 2.4.5 - Altering protocol and RPC PROC numbers

Test 2.4.6 - RPC record fragging (MS-RPC and Sun)

Test 2.4.7 - HTTP exploits to port <> 80

Total

Section 3 - Stateful Operation

Test 3.1 - Stateless Attack Replay

Alert?

Pass/Fail

Test 3.1.1 - Stateless Web exploits

Test 3.1.2 - Stateless FTP exploits

Test 3.2 - Simultaneous Open Connections (default settings)

Number of open connections

Test 3.2.1 - Attack Detection

Test 3.2.2 - State Preservation

Test 3.3 - Simultaneous Open Connections (after tuning)

Number of open connections

Test 3.3.1 - Attack Detection

Test 3.3.2 - State Preservation

Section 4 - Detection/Blocking Performance Under Load

Test 4.1 - UDP traffic to random valid ports

150Mbps

300Mbps

450Mbps

600Mbps

Max

Test 4.1.1 - 256 byte packet test - max 270,000pps

Test 4.1.2 - 550 byte packet test - max 132,000pps

Test 4.1.3 - 1000 byte packet test - max 73,000pps

Test 4.2 - HTTP “maximum stress” traffic with no transaction delays

150Mbps

300Mbps

450Mbps

600Mbps

Max

Test 4.2.1 - Max 1500 connections per second - ave packet size 1000 bytes - max 73,000 packets per second

Test 4.2.2 - Max 3000 connections per second - ave packet size 540 bytes - max 135,000 packets per second

Test 4.2.3 - Max 6000 connections per second - ave packet size 440 bytes - max 165,000 packets per second

Test 4.2.4 - Max 12000 connections per second - ave packet size 360 bytes - max 198,000 packets per second

Test 4.3 - HTTP “maximum stress” traffic with transaction delays

150Mbps

300Mbps

450Mbps

600Mbps

Max

Test 4.3.1 - Max 3000 connections per second - ave packet size 540 bytes - max 135,000 packets per second - 10 sec delay - max 50,000 open connections

Test 4.3.2 - Max 6000 connections per second - ave packet size 440 bytes - max 165,000 packets per second - 10 sec delay - max 50,000 open connections

Test 4.4 - Protocol mix

150Mbps

300Mbps

450Mbps

600Mbps

Max

Test 4.4.1 - 72% HTTP (540 byte packets) + 20% FTP + 6% UDP (256 byte packets). Max 2400 connections per second - ave packet size 540 bytes - max 129,000 packets per second - max 450 open connections


Test 4.5 - Real World traffic

150Mbps

300Mbps

450Mbps

600Mbps

Max

Test 4.5.1 - Pure HTTP (simulated browsing session on NSS Web site). Max 2800 connections per second - 12 new users per second - ave packet size 560 bytes - max 126,000 packets per second

Test 4.5.2 - Protocol mix - 72% HTTP (simulated browsing sessions as 2.5.1) + 20% FTP + 6% UDP (256 byte packets). Max 2200 connections per second - ave packet size 560 bytes - max 123,000 packets per second - max 900 open connections

�Section 5 - Stability & Reliability

Test ID

Result

Test 5.1.1 - ISIC/ESIC/TCPSIC/UDPSIC/ICMPSIC

�Section 6 - Management Interface

Test ID

Result

Test 6.1.1 - Open Ports

Test 6.1.2 - ISIC/ESIC/TCPSIC/UDPSIC/ICMPSIC

Test 6.1.3 - ISIC attacks detected against management interface?

Click here to return to the Gigabit IDS Index Section

top�������� Home

Send mail to webmaster with questions or�
comments about this web site.

Copyright � 1991-2006 The NSS Group Ltd.
All rights reserved.