[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?
- To: Vladamir <wireless.insecurity@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?
- From: ADT <synfinatic@xxxxxxxxx>
- Date: Mon, 21 Mar 2005 20:45:35 -0800
Hey Vladamir,
You're being a bit vague regarding your question. When people talk
about "tcp replay" attacks and testing an IDS they're usually asking
about one of two things:
1) how to use tcpreplay to test an IDS's detection abilities
or
2) About breaking the tcp stream by injecting old/out of order/broken
packets to try to evade an IDS
Perhaps you could give some context and better explain what you're
trying to do? Btw, if you want to learn about how to use tcpreplay,
there is extensive documentation on the tcpreplay website.
-ADT
--
http://synfin.net/
On Mon, 21 Mar 2005 23:04:48 -0500, Vladamir
<wireless.insecurity@xxxxxxxxx> wrote:
> I was looking at that, but thanks!
>
> Byron Copeland wrote:
> > Perhaps this may help?
> >
> > http://tcpreplay.sourceforge.net/
> >
> > On Mon, 2005-03-21 at 22:54, Vladamir wrote:
> >
> >>I'm looking for general information as to how to test an IDS using
> >>TCP-replays.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/