Snort mailing list archives
Evading IDS
From: Joe Horton <mymailii () yahoo com>
Date: Sun, 11 May 2003 16:41:35 -0700 (PDT)
Heres some interesting stuff i found on how to avoid IDS detection. How many of these methods is Snort still vulnerable too? Are there any new ways of getting around an IDS (anomaly or signature)? Unicode, fragmenting with padding, overlaying, and TTL, etc... http://www.securityfocus.com/infocus/1577 http://secinf.net/info/ids/idspaper/idspaper.html http://www.infosecuritymag.com/2002/jul/sneaking.shtml http://www.securityfocus.com/infocus/1232 --------------------------------- Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo.
Current thread:
- Evading IDS Joe Horton (May 11)