|
IDS
mailing list archives
Re: Packet/Protocol Anomaly Detection with IDS
From: Joachim Schipper <j.schipper () math uu nl>
Date: Fri, 20 May 2005 17:40:49 +0200
On Thu, May 19, 2005 at 08:50:55PM -0000, Harald Frlinger wrote:
Hi Community,
im a student, and at the moment im searching
for some input to write my exam.
The title is "Packet/Protocol Anomaly Detection with IDS", i already got some good input.
But some things are quiet hard to find.
What i need is some examples on attacks,
on specific protocols, like ftp, http, tcp ...
I know there are attacks like Dos or Buffer Overflows.
But i need some more.
Maybe you can tell me some good ressources or
examples.
Thanks all, and sorry for my english.
mfg
harry
Hello Harry,
one thing I recently discovered was HTTP response splitting (known for
some time, but hey - I can't know everything). Quite interesting.
Some FTP implementations (wuftpd) react(ed) badly to LIST commands with
lots of wildcards, which allows an easy DoS.
Brute-forcing might be interesting too.
There are many others, but I'm just a student myself... ;-)
Joachim
Attachment:
_bin
Description:
 By Date 
By Thread
Current thread:
|
Intro
