| |
| F Tests - Evasion |
| |
|
|
|
|
|
 |
| F1 |
Basic IP Fragmentation (ordered 8-byte) [fragrouter F1] |
Pass |
|
|
|
| F2 |
Basic IP Fragmentation (ordered 24-byte) [fragrouter F2] |
Pass |
|
|
|
| F3 |
"Complex IP Fragmentation (ordered 8-byte IP fragments, one out of order) [fragrouter F3]" |
Pass |
|
|
|
| F4 |
"Complex IP Fragmentation (ordered 8-byte IP fragments, one duplicate) [fragrouter F4]" |
Pass |
|
|
|
| F5 |
"Complex IP Fragmentation (out of order 8-byte fragments, one duplicate) [fragrouter F5]" |
Pass |
|
|
|
| F6 |
"Complex IP Fragmentation (ordered 8-byte fragments, marked last frag first) [fragrouter F6]" |
Pass |
|
|
|
| F7 |
"Basic TCP segmentation (3-whs, ordered 1-byte segments, one out of order) [fragrouter T8]" |
Pass |
|
|
|
| F8 |
"Complex TCP Segmentation (3-whs, bad TCP checksum FIN/RST, ordered 1-byte segments) [fragrouter T1]" |
Pass |
|
|
|
| F9 |
"Complex TCP Segmentation (3-whs, ordered 1-byte segments, one duplicate) [fragrouter T3]" |
Pass |
|
|
|
| F10 |
"Complex TCP Segmentation (3-whs, ordered 1-byte segments, one overwriting) [fragrouter T4]" |
Pass |
|
|
|
| F11 |
"Complex TCP Segmentation (3-whs, ordered 2-byte segments, fwd-overwriting) [fragrouter T5]" |
Fail |
Caught neither Unicode nor RDS |
|
|
| F12 |
"Complex TCP Segmentation (3-whs, ordered 1-byte segments, interleaved null segments) [fragrouter T7]" |
Fail |
"Caught RDS, but not Unicode" |
|
|
| F13 |
"Complex TCP Segmentation (3-whs, out of order 1-byte segments) [fragrouter T9]" |
Pass |
|
|
|
| F14 |
"Complex TCP Segmentation (3-whs, ordered 1-byte segments, interleaved SYN) [fragrouter C2]" |
Pass |
|
|
|
| F15 |
"Complex TCP Segmentation (ordered 1-byte null segments, 3-whs, ordered 1-byte segments) [fragrouter C3]" |
Pass |
|
|
|
| F16 |
"Complex TCP Segmentation (3-whs, RST, 3-whs, ordered 1-byte segments) [fragrouter R1]" |
Pass |
|
|
|
| F17 |
"Delayed injection @ 100,000 sessions" |
Pass |
|
|
|
| F18 |
"Delayed injection @ 250,000 sessions" |
Pass |
|
|
|
| F19 |
"Delayed injection @ 500,000 sessions" |
Pass |
|
|
|
| F20 |
HTTP obfuscation (hex encoding) |
Pass |
|
|
|
| F21 |
HTTP obfuscation (double hex encoding) |
Pass |
|
|
|
| F22 |
HTTP obfuscation (Unicode / UTF-8 encoding) |
Pass |
|
|
|
| F23 |
HTTP obfuscation (self-referential directories) [whisker -I 2] |
Pass |
|
|
|
| F24 |
HTTP obfuscation (premature URL ending) [whisker -I 3] |
Pass |
|
|
|
| F25 |
HTTP obfuscation (prepend long string) [whisker -I 4] |
Pass |
|
|
|
| F26 |
HTTP obfuscation (fake URL parameter) [whisker -I 5] |
Pass |
|
|
|
| F27 |
HTTP obfuscation (case sensitivity) [whisker -I 7] |
Pass |
|
|
|
| F28 |
HTTP obfuscation (Windows directory syntax) [whisker -I 8] |
Pass |
|
|
|
| F29 |
HTTP obfuscation (session splicing) [whisker -I 9] |
Pass |
|
|
|
| F30 |
HTTP obfuscation (connection reuse) |
Pass |
|
|
|
| F31 |
HTTP obfuscation (version 0.9) |
Pass |
|
|
|
| F32 |
HTTP obfuscation (version 1.0) |
Pass |
|
|
|
| F33 |
HTTP obfuscation (version 1.1) |
Pass |
|
|
|
| |
