[Snort-sigs] Anti-IDS Rules patcher.
bmc at ...95...
Tue Feb 4 17:05:19 EST 2003
On Sat, Feb 01, 2003 at 01:16:21AM +0100, Glenn Larsson wrote:
> Hi, i played with a few IDS evasion tricks
> against Snort today; one scanner i found
> (twwwscan) employ a few simple tricks in
> the URI like:
> "/./", "\\", "/"
Ok... so did snort not catch those? What version are you using? Do you
have the http_decode preprocessor enabled?
BTW, slamming someone isn't the best way to get something changed.
More information about the Snort-sigs