First page Back Continue Last page Overview Graphics
Detection Failures
Evasion
- Fuzz until evade (AV bypass as well)
- Obfuscate / encode
- All layers
- Fragroute
- Metasploit
- Forest, trees, etc.
Inherent weaknesses
Notes:
Obfuscation examples: HTTP unicode encoding, javascript “encryption”, IP fragmentation, TTL differences, TCP overlaps, v6 tunneling, HTTP in-line gzip
Fragroute
http://monkey.org/~dugsong/fragroute/
Nessus
http://nessus.org/
Metasploit
http://metasploit.com/