MySeq (#SimplifyCybersecurity #EssentialSecurity)
Simplicity is the Ultimate Sophistication
Pages
/home/myseq/blog
/etc/qotd
~/.plan
~/.projects
~/.settings
Aug 2, 2010
IDS Evasion by TCP Checksum
Tags:
evasion
,
tcp/ip
Good posting at
Packetstan
about potential evasion where IPS fails to validate TCP checksums.
Summary:
If IDS turns off the validation on TCP checksum, packet evasion is possible.
First, establish the 3 way-handshake.
Then, fool the IDS by sending a RST packet with bad TCP checksum.
Then continue sending the EVIL packets.
Newer Post
Older Post
Home