| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: wireless.insecurity at gmail.com (Vladamir) Subject: Does anyone know about TCP-Replay attacks? SNORT and CSA Kumar,Ratna wrote: > there are many ways for ids evasion. > > first of all,on what IDS system you are work????ing > > -----Original Message----- > From: full-disclosure-bounces@...ts.grok.org.uk > [mailto:full-disclosure-bounces@...ts.grok.org.uk]On Behalf Of Vladamir > Sent: Tuesday, March 22, 2005 10:25 AM > To: ADT > Cc: full-disclosure@...ts.grok.org.uk > Subject: Re: [Full-disclosure] Does anyone know about TCP-Replay > attacks? > > > Actually I was wondering about the process of a TCP replay attack, I am > aware of the program "TCP replay" I was hoping for information on IDS > evasion techniques. > > Sorry for the vagueness > > ADT wrote: > >>Hey Vladamir, >> >>You're being a bit vague regarding your question. When people talk >>about "tcp replay" attacks and testing an IDS they're usually asking >>about one of two things: >> >>1) how to use tcpreplay to test an IDS's detection abilities >> >>or >> >>2) About breaking the tcp stream by injecting old/out of order/broken >>packets to try to evade an IDS >> >>Perhaps you could give some context and better explain what you're >>trying to do? Btw, if you want to learn about how to use tcpreplay, >>there is extensive documentation on the tcpreplay website. >> >>-ADT >> > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists