Re: SF new article announcement: Evading NIDS, revisited (pen-test)

[Jason <security () brvenik com>]

also make sure you read the paper on frag3

http://www.snort.org/reg/docs/target_based_frag.pdf

Andrew van der Stock wrote:
> Begin forwarded message:
>
> > Evading NIDS, revisited
> > Sumit Siddharth
> > 2005-12-02
> >
> > This article looks at some of the most popular IDS evasion attack 
> > techniques, based on fragmentation or the TTL field. Snort's 
> > configuration and response to these attacks will also be discussed.
> >
> > http://www.securityfocus.com/infocus/1852