IDS mailing list archives
Re: Evasion schemes or techniques
From: "Kassem Nasser" <kassem.nasser () gmail com>
Date: Wed, 13 Dec 2006 20:30:41 +0200
Dear Mr. Singh, I highly appreciate you for this detail email, I can see that most of the types you have listed below are concerned with network based attacks, but I am concerned about application based ones. I am interested in knowing the signature of the attack (ex:using system calls patterns) in order if you want to compare it to a regular performance or normal signature. I will try to see what are from the types you have listed above that are concerned with application level attacks, Many thanks, On 12/13/06, Gurpreet Singh <gurpreetsl () gmail com> wrote:
hi, these are the most common attacks we encounter in our daily life. You can google the following terns and you will get a lot of material otherwise i can provide you with some links. Hacking: types of attack viruses - most common form of attack denial of service attacks trojans (or trojan horses) brute-force and `social engineering' password attacks port scanning and spoofing phishing Viruses Easily transferred in emails or downloaded files May damage data on infected computer May allow privileged access to host May flood the network with spurious data Phishing This is a method of luring an unsuspecting user into giving out their username and password for a secure web resource, usually a bank or credit card account. Ebay and PayPal are particularly susceptible to this type of attack. usually achieved by creating a website identical to the secure site user is sent email requesting them to log in, and providing a link to the bogus site when user logs in, password is stored and used to access the account by the attacker difficult to guard against, particularly if using HTML email Currently no law specifically against this, though some experts think this may come under the Computer Misuse Act, and may also be testable under trademark laws (passing off as another's web site).
-- ------------------------------------------ Kassem Nasser First LEBANON WILL SURVIVE Now LEBNON WON Then LEBANON will Rise and Shine ????? ?????? ??? ------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------
Current thread:
- Evasion schemes or techniques kassem . nasser (Dec 12)
- Re: Evasion schemes or techniques Jose Nazario (Dec 13)
- Message not available
- Re: Evasion schemes or techniques Kassem Nasser (Dec 13)
- Message not available
- Re: Evasion schemes or techniques Jose Nazario (Dec 13)
- Re: Evasion schemes or techniques Gurpreet Singh (Dec 15)
- Re: Evasion schemes or techniques Kassem Nasser (Dec 15)
- <Possible follow-ups>
- Re: Evasion schemes or techniques xandorp (Dec 15)