|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Foolin an IDS ?
From: Zyzio (zyzio248
o2.pl)
Date: Fri Dec 03 2004 - 04:08:59 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
> Aside from looking at this the best way to learn to evade IDS/IPS
> is an understanding of the protocols that they are protecting.
> This doesn't mean just TCP/UDP; this also means things like MSRPC,
> HTTP, SSL and such.
I agree with you.
I think this is nice paper (about foolin HTTP by Whisker).
http://www.ussrback.com/docs/papers/IDS/whiskerids.html
and source
http://sourceforge.net/projects/whisker/
Best Regards,
Chris 'Zyzio'
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]