Full Disclosure mailing list archives
RE: Does anyone know about TCP-Replay attacks?
From: "Kumar,Ratna" <rakumar () ipolicynetworks com>
Date: Tue, 22 Mar 2005 10:28:08 +0530
there are many ways for ids evasion. first of all,on what IDS system you are work????ing -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk]On Behalf Of Vladamir Sent: Tuesday, March 22, 2005 10:25 AM To: ADT Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Does anyone know about TCP-Replay attacks? Actually I was wondering about the process of a TCP replay attack, I am aware of the program "TCP replay" I was hoping for information on IDS evasion techniques. Sorry for the vagueness ADT wrote:
Hey Vladamir, You're being a bit vague regarding your question. When people talk about "tcp replay" attacks and testing an IDS they're usually asking about one of two things: 1) how to use tcpreplay to test an IDS's detection abilities or 2) About breaking the tcp stream by injecting old/out of order/broken packets to try to evade an IDS Perhaps you could give some context and better explain what you're trying to do? Btw, if you want to learn about how to use tcpreplay, there is extensive documentation on the tcpreplay website. -ADT
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Does anyone know about TCP-Replay attacks? Vladamir (Mar 21)
- Message not available
- Re: Does anyone know about TCP-Replay attacks? Vladamir (Mar 21)
- Re: Does anyone know about TCP-Replay attacks? ADT (Mar 21)
- Re: Does anyone know about TCP-Replay attacks? Vladamir (Mar 21)
- Re: Does anyone know about TCP-Replay attacks? ADT (Mar 21)
- Re: Does anyone know about TCP-Replay attacks? Vladamir (Mar 21)
- Message not available
- <Possible follow-ups>
- RE: Does anyone know about TCP-Replay attacks? Kumar,Ratna (Mar 21)
- RE: Does anyone know about TCP-Replay attacks? Kumar,Ratna (Mar 21)
- Re: Does anyone know about TCP-Replay attacks? Vladamir (Mar 21)