Network Intrusion Detection systems can monitor traffic in real time on networks.
Which one of the following techniques can be very effective at avoiding proper detection?
A . Fragmentation of packets.
B . Use of only TCP based protocols.
C . Use of only UDP based protocols.
D . Use of fragmented ICMP traffic only.
Answer: A
Explanation:
If the default fragmentation reassembly timeout is set to higher on the client than on the IDS then the it is possible to send an attack in fragments that will never be reassembled in the IDS but they will be reassembled and read on the client computer acting victim.