IDS mailing list archives

Re: Evasion attacks - application level

From: Mayank-Bhatnagar <mayank () ncb ernet in>
Date: Thu, 3 Jun 2004 08:40:26 +0530 (IST)

hi,

Well, in case of Evasion of IDS one of the papers that I found very
informative is

Insertion, Evasion, and Denial of Service: Eluding Network Intrusion
Detection

by

Thomas H. Ptacek
Timothy N. Newsham


and in case you are considering explicitly some protocols, applications,
for HTTP well, you can refer a tool/library libwhisker, which contains
some very interesting cases of evading web servers, web vulnerability
detectors, IDS  etc.


Regards,
Mayank Bhatnagar


68 Electronics City ,
National Centre for Software Technology,
http://www.ncb.ernet.in
Bangalore-560100.
080-28523300/28520259-1200



On 2 Jun 2004, Ilija Basicevic wrote:




Besides Greg Hoglund, Jon Gary, <<Multiple Levels of De-synchronization and other concerns with testing an IDS system

, are there any other

papers or other sort of info regarding evasion attacks at application
level ?

Ilija

---------------------------------------------------------------------------

---------------------------------------------------------------------------



---------------------------------------------------------------------------

---------------------------------------------------------------------------

Current thread:

Evasion attacks - application level Ilija Basicevic (Jun 02)
- Re: Evasion attacks - application level Mayank-Bhatnagar (Jun 03)