--- Em [email protected], "rocknarede13" <rogeriobas...@...> escreveu > > Hi guys, > > How does HLBR track IP fragmentation and other ID evasion's technics?
Hi there, HLBR handles IP fragmentation by archiving and not forwarding the fragmented datagrams until all them are received and reassembled. So, the destination will receive them as they were analised by HLBR's engine. By acting this way many of the evasion techniques are mitigated. If you list others evasion techniques we may discuss them and get to a point. I'm just too busy to remind or search for them. One thing to keep in mind: evasions technique's differ a bit when you are analising a prevention or a detection engine.
