IDS mailing list archives

Re: Evasion schemes or techniques

From: "Kassem Nasser" <kassem.nasser () gmail com>
Date: Wed, 13 Dec 2006 06:30:35 +0200

Dear Mr. Nazario,
your reply was a great benefit for me, to the point that I thought of
having this day off from work in order to review the papers and
authors you have listed in your mail,
but since I have to go to work I will review them later,

great thanks again,

--
------------------------------------------
Kassem Nasser

On 12/13/06, Kassem Nasser <kassem.nasser () gmail com> wrote:

Dear Mr. Nazario,
your reply was a great benefit for me, to the point that I thought of having this day off from work in order to review 
the papers and authors you have listed in your mail,
but since I have to go to work I will review them later,
great thanks again,

--
------------------------------------------
Kassem Nasser



On 12/13/06, Jose Nazario < jose () monkey org> wrote:
> On Sun, 10 Dec 2006,  kassem.nasser () gmail com wrote:
>
> > I am interested in knowing evasion schemes for application based
> > invasions available, and i appreciate if you can guide me to some papers
> > or links where I can find such information, and where to look for
> > answers about evasion techniques, many thanks,
>
> ptacek and newsham, "insertion, evasion, and denial of service: Eluding.
> Network Intrusion Detection" and anything that cites that. names to look
> for include vern paxson, roesch, Lippmann, and many others. simply looking
> for that paper in google scholar yields dozens of citations and
> extensions.
>
> fan out from that, fan backwards from that, and you'll learn a great deal.
> it's one of the best starting points in this question.
>
> ________
> jose nazario, ph.d.                 jose () monkey org
> http://monkey.org/~jose/             http://monkey.org/~jose/secnews.html
>                                     http://www.wormblog.com/
>




--
------------------------------------------
Kassem Nasser
First LEBANON WILL SURVIVE
Now LEBNON WON
Then LEBANON will Rise and Shine
????? ?????? ???
------------------------------------------

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?

Find out quickly and easily by testing itwith real-world attacks from CORE IMPACT.Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfwto learn more.

------------------------------------------------------------------------

Current thread:

Evasion schemes or techniques kassem . nasser (Dec 12)
- Re: Evasion schemes or techniques Jose Nazario (Dec 13)
  - Message not available
    - Re: Evasion schemes or techniques Kassem Nasser (Dec 13)
- Re: Evasion schemes or techniques Gurpreet Singh (Dec 15)
  - Re: Evasion schemes or techniques Kassem Nasser (Dec 15)
- <Possible follow-ups>
- Re: Evasion schemes or techniques xandorp (Dec 15)