Bugtraq mailing list archives

Re: Verified evasion in Snort

From: Thierry Zoller <Thierry () Zoller lu>
Date: Wed, 1 Feb 2006 19:50:15 +0100

Dear List,

asc> Dan Kaminsky gave a presentation at shmoocon and mentioned using 
asc> ip fragmentation timers to evade intrusion detection systems.
Just FYI, for Risk Assesement, this information has already been presented
last year by Dan at Defcon13 .

-- 
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7

Current thread:

Re: Verified evasion in Snort Thierry Zoller (Feb 01)
- <Possible follow-ups>
- Re: Verified evasion in Snort mwatchinski (Feb 01)
- Re: Re: Verified evasion in Snort anonpoet (Feb 02)
  - Re: Re: Verified evasion in Snort Dave Korn (Feb 03)