GIAC Certified Incident Handler (GCIH) — Question 151
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?
Each correct answer represents a complete solution. (Choose all that apply.)
Answer options
- A. Whisker
- B. Fragroute
- C. Nessus
- D. Y.A.T.
Correct answer: B, D
Explanation
Fragroute and Y.A.T. are specifically designed to manipulate network packets, making them suitable for session splicing attacks. In contrast, Whisker is primarily a web vulnerability scanner, and Nessus is a vulnerability assessment tool, neither of which are intended for performing session splicing.