RE: IDS Evasion

[Rafael Nuñez <rnunez () cpiu us>]

Check this out, it's for the last year but still being useful

IDS Evasion Techniques and Tactics

http://www.securityfocus.com/infocus/1577


R-
www.cpiu.us 



-----Mensaje original-----
De: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] En nombre de simon
Enviado el: Miércoles, 29 de Octubre de 2003 06:19 p.m.
Para: full-disclosure () lists netsys com
Asunto: [Full-Disclosure] IDS Evasion

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All,
        I am interested in learning about IDS evasion tricks and tools for
both 
host based IDS systems and network based IDS systems. Is there a place 
where I can find a list that either gives technoligical details or tools 
that I could study to learn more about this? I already have a very 
detailed understanding of the evasion theories, but I want to put some 
of them to the test on my own product(s).  Pointers, advice?


- -- 

Regards,
         -simon-


"When a shepherd goes to kill a wolf, and takes his dog along to see the 
sport, he should take care to avoid mistakes.  The dog has certain 
relationships to the wolf the sheperd may have forgotten."


- -------------------------------------------------------
Secure Network Operations Strategic Reconnaissance Team
http://www.secnetops.com || http://www.snosoft.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/oDy/f3Elv1PhzXgRAq3FAKCtZOR9RgTT1CLcg34wfjV973UI4wCgzubm
FpRxGZg8DSKHLwQHQqCunj0=
=jHat
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html