tag:blogger.com,1999:blog-4088979.post1412022782365824304..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: Snort Evasion Vulnerability in Frag3Richard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger8125tag:blogger.com,1999:blog-4088979.post-21668444878311353542008-06-18T09:29:00.000-04:002008-06-18T09:29:00.000-04:00With the right tool, trivial. There's nothing "ou...With the right tool, trivial. There's nothing "out of the box," however. You need to write something yourself or make good use of something like Scapy.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-83811075274591526902008-06-18T09:01:00.000-04:002008-06-18T09:01:00.000-04:00Richard -- talk a little about how hard it would b...Richard -- talk a little about how hard it would be to get your ttl to vary by 5 in a reassembled session.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-4095679465341910672008-05-31T10:13:00.000-04:002008-05-31T10:13:00.000-04:00Interesting. I wonder how many other IDSes are su...Interesting. I wonder how many other IDSes are susceptible to similar issues. Might be interesting to watch for any advisories from other IPS vendors in the coming weeks. I'm guessing most of them cut some corners when handling fragmented packets, so it should be interesting.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-7800782136249989462008-05-30T00:32:00.000-04:002008-05-30T00:32:00.000-04:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-51252370750917435162008-05-29T01:04:00.000-04:002008-05-29T01:04:00.000-04:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-80346117816199992322008-05-29T01:03:00.001-04:002008-05-29T01:03:00.001-04:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-5452012338825368462008-05-29T01:03:00.000-04:002008-05-29T01:03:00.000-04:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-27948163575096017132008-05-29T01:01:00.000-04:002008-05-29T01:01:00.000-04:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.com