IDS mailing list archives

Re: CSLID evasion - Client protection

From: ushacker20002001 () yahoo com
Date: Wed, 25 Mar 2009 10:42:53 -0600

In case of application filtering capability embedded inside IDS solutions such as SnortIDS, BroIDS or Prelude...PCRE 
format should be able to detect such payload signature (if constant). However, in terms of complexity of a threat, one 
should workout on Dynamic plug-ins to stabilize the detection problems.


Regards,
------
Shakeel Ali
Information Security Evangelist
Location:\x75\x6B\x2E\x75\x73\x2E\x70\x6B\x2E\x63\x6E\x2E\x63\x61\x2E\x75\x61\x65

Current thread:

CSLID evasion - Client protection Ravi Chunduru (Mar 25)
- Re: CSLID evasion - Client protection Stuart Staniford (Mar 25)
- RE: CSLID evasion - Client protection Addepalli Srini-B22160 (Mar 25)
  - Re: CSLID evasion - Client protection Stuart Staniford (Mar 26)
- <Possible follow-ups>
- Re: CSLID evasion - Client protection ushacker20002001 (Mar 25)