Results 1 to 2 of 2

Thread: Evading NIDS

  1. 06-12-2008, 08:48 AM #1
    kanto.86
    kanto.86 is offline
    Just burned his ISO
    Join Date
    May 2008
    Posts
    6

    Default Evading NIDS

    Hi everybody

    I'm trying to apply some evasion techniques to snort and other NIDS (nothing special: TTL, Fragmentation reassembly timeout, Overlapping segments).

    But, to test the fragmentation, I need to disclose the connection timeout of IDS and target OS (I remember that windows and linux machines have different timeout).

    So....Someone know if is it possible to perform this task with shell commands (perhaps hping and tcpdump)?

    Thanks !
  2. 06-13-2008, 09:31 AM #2
    kanto.86
    kanto.86 is offline
    Just burned his ISO
    Join Date
    May 2008
    Posts
    6

    Default

    Ok I found it:

    fragtest frag-timeout ipaddress

« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules