When Internet Protocol (IP) packets travel across networks, they must meet size requirements defined in the network’s Maximum Transmission Unit (MTU). If the packet is larger than the defined MTU, then it must be divided into smaller pieces, which are known as fragments. Attackers can exploit this process for their own purposes by attacking the systems. Packet fragmentation attacks have caused problems for Intrusion Detection Systems (IDSs) for years. In this paper, Snort IDS was tested. VMware virtual machines were used as both the host and victim. Other tools were also implemented in order to generate attacks against the IDS. The experiment results show the performance of Snort IDS when it was being attacked, and the ability of Snort to detect attacks in different ways.
Comments: 12 Pages.
[v1] 2012-08-19 00:09:18
Unique-IP document downloads: 1889 times
Add your own feedback and questions here:
You are equally welcome to be positive or negative about any paper but please be polite. If you are being critical you must mention at least one specific error, otherwise your comment will be deleted as unhelpful.