Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?

• Previous message: Kumar,Ratna: "RE: [Full-disclosure] Does anyone know about TCP-Replay attacks?"
• In reply to: ADT: "Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?"
• Next in thread: ADT: "Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?"
• Reply: ADT: "Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 21 Mar 2005 23:54:31 -0500
To: ADT <synfinatic@gmail.com>

Actually I was wondering about the process of a TCP replay attack, I am
aware of the program "TCP replay" I was hoping for information on IDS
evasion techniques.

Sorry for the vagueness

ADT wrote:
> Hey Vladamir,
>
> You're being a bit vague regarding your question. When people talk
> about "tcp replay" attacks and testing an IDS they're usually asking
> about one of two things:
>
> 1) how to use tcpreplay to test an IDS's detection abilities
>
> or
>
> 2) About breaking the tcp stream by injecting old/out of order/broken
> packets to try to evade an IDS
>
> Perhaps you could give some context and better explain what you're
> trying to do? Btw, if you want to learn about how to use tcpreplay,
> there is extensive documentation on the tcpreplay website.
>
> -ADT
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

• Previous message: Kumar,Ratna: "RE: [Full-disclosure] Does anyone know about TCP-Replay attacks?"
• In reply to: ADT: "Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?"
• Next in thread: ADT: "Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?"
• Reply: ADT: "Re: [Full-disclosure] Does anyone know about TCP-Replay attacks?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]