Snort mailing list archives
Re: Network & Systems Cloaking Tool
From: Frank Knobbe <fknobbe () knobbeits com>
Date: 08 Nov 2002 12:27:01 -0600
On Fri, 2002-11-08 at 12:08, Tommy wrote:
The techie in me is dying to share the technology, how it works, but the business person in me also wants to build a business, and that's what we filed patents for to protect the technology (it is proprietary), so unfortunately I cannot disclose the "juicy" stuff y'all are looking for. I believe in the Open Source model, but open source was not used to develop this system. It's break-through cloaking technique however works very well with IDS systems, and Snort is surely one of the best (we are using & implementing it), and that's why I ran it through the list. Feedback on the functionality is, however, most welcome!
Break-through cloaking? Oh please..... A simple hack to ipfilter that causes it to send a syn-ack instead of a rst (or silent drop) will achieve the same...
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Network & Systems Cloaking Tool Tommy (Nov 06)
- Message not available
- Re: Network & Systems Cloaking Tool Tommy (Nov 08)
- Re: Network & Systems Cloaking Tool twig les (Nov 08)
- Re: Network & Systems Cloaking Tool Tommy (Nov 08)
- Re: Network & Systems Cloaking Tool Frank Knobbe (Nov 08)
- Re: Network & Systems Cloaking Tool Frank Knobbe (Nov 08)
- Re: Network & Systems Cloaking Tool Tommy (Nov 08)
- Message not available
- Re: Network & Systems Cloaking Tool Tommy (Nov 08)
- Message not available