IDS mailing list archives
Re: Firewall-fooling techniques
From: Krzysztof Cabaj <zyzio248 () o2 pl>
Date: Mon, 24 Jan 2005 22:48:20 +0100
Hi,
I'm looking for some basic information on "techniques" on "fooling" >firewalls and IDSs. Like using fragmented packages to fool packet-filtering firewalls etc.. Any suggestions on such techniques, and perhaps some references to online litterature.. ?
I think this is good begining ... maybe not recent, but for beginning perfect. T.H Ptacek, T.N. Newsham.: Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection, January 1998, URL:http://citeseer.nj.nec.com/ptacek98insertion.html And some for application layer Whisker library for fooling IDS which look at HTTP traffic. http://www.ussrback.com/docs/papers/IDS/whiskerids.html Best regards, Chris -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Firewall-fooling techniques Göran Sandahl (Jan 24)
- Re: Firewall-fooling techniques Jose Maria Lopez (Jan 24)
- <Possible follow-ups>
- Re: Firewall-fooling techniques Krzysztof Cabaj (Jan 24)
- Re: Firewall-fooling techniques Don Parker (Jan 25)