[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?

To: ADT <synfinatic@xxxxxxxxx>
Subject: Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?
From: Vladamir <wireless.insecurity@xxxxxxxxx>
Date: Mon, 21 Mar 2005 23:54:31 -0500

Actually I was wondering about the process of a TCP replay attack, I am aware of the program "TCP replay" I was hoping for information on IDS evasion techniques.

Sorry for the vagueness

ADT wrote:

Hey Vladamir,

You're being a bit vague regarding your question.  When people talk
about "tcp replay" attacks and testing an IDS they're usually asking
about one of two things:

1) how to use tcpreplay to test an IDS's detection abilities

or

2) About breaking the tcp stream by injecting old/out of order/broken
packets to try to evade an IDS

Perhaps you could give some context and better explain what you're
trying to do?  Btw, if you want to learn about how to use tcpreplay,
there is extensive documentation on the tcpreplay website.

-ADT

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?
  - From: ADT

References:
- [Full-disclosure] Does anyone know about TCP-Replay attacks?
  - From: Vladamir
- Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?
  - From: Vladamir
- Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?
  - From: ADT

Prev by Date: RE: [Full-disclosure] Does anyone know about TCP-Replay attacks?
Next by Date: RE: [Full-disclosure] Does anyone know about TCP-Replay attacks?
Previous by thread: Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?
Next by thread: Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?
Index(es):
- Date
- Thread