hey what about using https? unless they have set up IPS to decrypt the traffic you should be cool
cheers Ivan On 8/9/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > On Mon, 8 Aug 2005, Ahmad N wrote: > > > I was trying to gain a reverse shell to a website the other day using a > > buffer overflow exploit, unfortunaetly it seems like they have some kind > > of buffer overflow exploit protection coming from and IDS or IPS so is > > there a way to find out what exactly is running, an IDS or IPS, and > > accordingly is there a way to bypass these systems > > If the IDS uses pcap (tcpdump et al) then you might find a way to crash > the IDS. It seems that new IDS-crashing spoits come up often enough that > perhaps your customer isn't completely up to date. Linuxsecurity.com has > a decent article on testing IDS systems here: > http://www.linuxsecurity.com/content/view/114356/65/. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
