Question

This IDS defeating techniques works by splitting a datagram or packet into multiple fragments and the IDS will not spot the true nature of the fully assembled datagram. the datagram is not reassembled until it reaches its final destination. It would be a processor-intensive task for an IDS to reassemble all fragments itself, and on a busy system the packet will slip through the IDS onto the network. what is this technique called?

A. IP routing or packet dropping
B. IP splicing or packet reassesmbly
C. IDS spoofing or session assembly
D. IP fragmentation or Session splicing

Answer 1

D. IP Fragmentation or Session Splicing

Step-by-step explanation:

The basic premise behind session splicing, or IP Fragmentation, is to deliver the payload over multiple packets thus defeating simple pattern matching without session reconstruction. This payload can be delivered in many different manners and even spread out over a long period of time. Currently, Whisker and Nessus have session splicing capabilities, and other tools exist in the wild.