FTP/Telnet IDS Evasion techniques

From: Job 317 (job317_at_mailvault.com)
Date: 04/06/04

    Date: Mon, 05 Apr 2004 22:36:39 +0200 (CEST)
    To: focus-ids@securityfocus.com
    
    

    Hello group.

    I've been playing around with Sidestep and am looking for any other IDS
    evasion techniques using FTP (or even Telnet). Can anyone point me to
    papers or a site discussing this? Google hasn't helped much in this area
    so far.

    Thanks,

    JOB