Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?
Each correct answer represents a complete solution. (Choose all that apply.)
Session splicing is an IDS evasion technique that involves delivering data in multiple small-sized packets to the target computer. Tools used for session splicing attacks need to have functionalities such as packet fragmentation and manipulation. Whisker and Nessus are primarily vulnerability scanning tools and lack these specific functionalities. Fragroute is specifically designed to manipulate, fragment, and reorder packets to evade detection by IDS systems, making it suitable for session splicing attacks. Y.A.T. (Yet Another TCP/IP Toolkit) also provides capabilities for packet fragmentation and manipulation, making it another appropriate tool for performing session splicing.
A and C are vuln scan tools. B and D are indeed splicing tools
Fragroute is a tool specifically designed for network intrusion prevention systems evasion techniques, including session splicing. It can manipulate, fragment, and reorder packets to evade detection by IDS systems. Y.A.T. (Yet Another TCP/IP Toolkit) is another tool that can be used for crafting and manipulating packets, making it suitable for performing session splicing attacks. It provides capabilities for packet fragmentation and manipulation to evade detection.