This is my first post on this blog, which I am primarily using to store things which I would otherwise forget. I decided to start with a video (it's a bit slow because I have to use several VMs on my notebook) to make it easier for me as well (yes, I am a slacker) when I need that information again.
Before I start, I would like to take the opportunity to thank m-1-k-3 from the #back-track.de channel on freenode for pointing out the Metasploit NOP Generators. You guys should visit his web site www.s3cur1ty.de and also buy his book, which he is going to release very soon and is definitely on my reading list.
Now to the actual post. There are plenty of guides out there which treat Antivirus Evasion, but I haven't found many (or maybe not tried hard enough) which cover IDS Evasion. So, I was playing around with Snort and its rules to see what is necessary to circumvent the alert mechanism. This is actually the same thing which applies to AV Evasion - you just change the stupid signature. Of course, this is much easier with Snort because you can just look up the signature in the rules but, as I already mentioned, I am a slacker. ;)
So, here we go