Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: RPC Evasion techniques

from [Dave Aitel] Network Security [Permanent Link]
Subject: Re: RPC Evasion techniques
Date: Fri, 28 Oct 2005 04:21:38 -0400 
Here are two openoffice presentations on the subject.
http://www.immunitysec.com/downloads/canvas_reference_implementation.sxi
http://www.immunitysec.com/downloads/Practical_IDS_Evasion.sxi

These sorts of things still work pretty well, especially against the faster IDS's, although the techniques are easier to do on DCE-RPC than ONCRPC.

-dave


tcp fin wrote:
Hi Guys , Any tips and tricks or good article on IDS/IPS evasion
?
I have beautiful paper "Insertion, Evasion and Denial
of Service: Eluding Network Intrusion detection". I need some pointers on RPC based evasion techniques.

Regards, TCP FIN .




__________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  On the definition of false positive - was: Re: location of an IPS, Evil Adam Smith
Next by Date:  Re: Proventia G400, Planz
Previous by Thread:  Re: RPC Evasion techniques, Nick Black
Next by Thread:  Intrusion Prevention requirements document, vendortrebuchet
Indexes:  [Date] [Thread] [Top] [All Lists]