[Snort-devel] Evading Snort via splitting ACKs
David J. Bianco
bianco at ...1589...
Tue Sep 24 05:54:04 EDT 2002
A couple of people have asked for my sample code, so I'm attaching it
below. I've only ever tried to compile it under RedHat 7.3, but I think
it stands a reasonable chance of working elsewhere. You'll need both
libnet and libpcap. Documentation is in the comments at the beginning.
I'd appreciate knowing what your experiences are with this code, and
maybe others would too, so perhaps posting them to list would be
David J. Bianco, GSEC <bianco at ...1589...>
Thomas Jefferson National Accelerator Facility
GPG Fingerprint: 516A B80D AAB3 1617 A340 227A 723B BFBE B395 33BA
The views expressed herein are solely those of the author and
not those of SURA/Jefferson Lab or the US DOE.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 20334 bytes
Desc: not available
More information about the Snort-devel