[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Fwd: [DEMO] Sample videos about IDS/IPS evasions...



---------- Forwarded message ----------
From: Nelson Brito <nbrito@xxxxxxxxxx>
Date: Mon, Nov 1, 2010 at 5:40 AM
Subject: RE: [Full-disclosure] [DEMO] Sample videos about IDS/IPS evasions...
To: Jacky Jack <jacksonsmth698@xxxxxxxxx>


http://vimeo.com/16371447

Use this instead!!!

> -----Original Message-----
> From: Jacky Jack [mailto:jacksonsmth698@xxxxxxxxx]
> Sent: Sunday, October 31, 2010 5:43 PM
> To: Nelson Brito
> Subject: Re: [Full-disclosure] [DEMO] Sample videos about IDS/IPS
> evasions...
>
> This video has been removed as a violation of YouTube's policy against
> spam, scams, and commercially deceptive content.
>
>
>
> On Sat, Oct 30, 2010 at 4:47 AM, Nelson Brito <nbrito@xxxxxxxxxx>
> wrote:
> > Hi, everyone!
> >
> >
> >
> > As so many highlights have been given on Intrusion Detection System
> and
> > Intrusion Prevention System evasions (?) last week, I decided to send
> this
> > message just to let you all know that I published a brand-new sample
> video,
> > demonstrating two Exploit Next Generation® example modules,
> successfully
> > evading:
> >
> > ·         SNORT 2.8.6 detection for MS02-056 vulnerability.
> >
> > ·         SURICATA 0.9.0 detection for MS08-078 vulnerability.
> >
> >
> >
> > Here is the YouTube video:
> >
> > ·         http://www.youtube.com/watch?v=iHgtf4PXqeU
> >
> >
> >
> > PS: So, Intrusion Detection System and Intrusion Prevention System
> evasions
> > are not that BIG NEWS, at least not for the H2HC Sixth Edition's
> audience.
> >
> >
> >
> > Before someone asks what the similarities and/or differences between
> Exploit
> > Next Generation® (ENG++) and Advanced Evasion Techniques (AET), let
> me get
> > this clear:
> >
> > ·         ENG++ has a different approach and has no similarity to
> AET,
> > despite the fact that both of them can be used to bypass IDS and IPS
> > technology. Besides, ENG++ is a much older research.
> >
> > ·         ENG++ was first designed in 2004, coded in 2005, published
> in 2008
> > (“Exploit creation - The random approach” or “Playing with random to
> build
> > exploits”), and became a methodology in 2009 (“The Departed: Exploit
> Next
> > Generation – The Philosophy”).
> >
> > ·         ENG++ became a methodology when I decided to port it to
> work
> > with/to any open exploit development framework, i.e., Metasploit
> Framework.
> >
> > ·         Ported means that ENG++ has been developed for a long,
> long, long
> > time, so just some modules is working on Metasploit Framework to
> release
> > some of its example and to help people understanding that really cool
> stuff
> > can be done when you are innovating and creating.
> >
> >
> >
> > In a few words: Exploit Next Generation® Compliance Methodology is
> not the
> > same thing as Advanced Evasion Techniques (ENG++ != AET).
> >
> >
> >
> > For further information, please, visit the URL:
> >
> > ·         http://j.mp/ExploitNG
> >
> >
> >
> > For online information and news about Exploit Next Generation®
> Compliance
> > Methodology, please, follow @Exploit_NG on Twitter.
> >
> >
> >
> > Cheers.
> >
> >
> >
> > Nelson Brito
> >
> > Security Researcher
> >
> > http://fnstenv.blogspot.com/
> >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/