lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <423FA655.4000102@gmail.com>
From: wireless.insecurity at gmail.com (Vladamir)
Subject: Does anyone know about TCP-Replay attacks?

SNORT and CSA

Kumar,Ratna wrote:
> there are many ways for ids evasion.
> 
> first of all,on what IDS system you are work????ing
> 
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk
> [mailto:full-disclosure-bounces@...ts.grok.org.uk]On Behalf Of Vladamir
> Sent: Tuesday, March 22, 2005 10:25 AM
> To: ADT
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Does anyone know about TCP-Replay
> attacks?
> 
> 
> Actually I was wondering about the process of a TCP replay attack, I am 
> aware of the program "TCP replay" I was hoping for information on IDS 
> evasion techniques.
> 
> Sorry for the vagueness
> 
> ADT wrote:
> 
>>Hey Vladamir,
>>
>>You're being a bit vague regarding your question.  When people talk
>>about "tcp replay" attacks and testing an IDS they're usually asking
>>about one of two things:
>>
>>1) how to use tcpreplay to test an IDS's detection abilities
>>
>>or
>>
>>2) About breaking the tcp stream by injecting old/out of order/broken
>>packets to try to evade an IDS
>>
>>Perhaps you could give some context and better explain what you're
>>trying to do?  Btw, if you want to learn about how to use tcpreplay,
>>there is extensive documentation on the tcpreplay website.
>>
>>-ADT
>>
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ