Which of the following is an extremely common IDS evasion technique in the web world?
A.
unicode characters
B.
spyware
C.
port knocking
D.
subnetting
Explanation:
Unicode attacks can be effective against applications that understand it. Unicode is the international standard
whose goal is to represent every character needed by every written human language as a single integer
number. What is known as Unicode evasion should more correctly be referenced as UTF-8 evasion. Unicode
characters are normally represented with two bytes, but this is impractical in real life.
One aspect of UTF-8 encoding causes problems: non-Unicode characters can be represented encoded. What
is worse is multiple representations of each character can exist. Non-Unicode character encodings are known
as overlong characters, and may be signs of attempted attack.References: http://books.gigatux.nl/mirror/apachesecurity/0596007248/apachesc-chp-10-sect-8.html