Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls
CHAPTER 13
Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls
Types of IDSs & Evasion Techniques
IDS vs IPS
Use packet sniffers
Host Based vs Network Based
Signature Based vs Anomaly Based
Types of IDSs & Evasion Techniques
Bypassing an IDS
  Change the traffic (e.g., HTTP instead of ICMP)
  Session splicing
  Inserting extra data
  Obfuscating addresses
  Use encryption
  Session hijacking
Hacking Tools
ADMutate
  Rewrites a script
Snort
  Real-time packet sniffer, HIDS, traffic-logging tool
  Both Linux and Windows
Firewalls & Honeypots
Firewalls: Hardware vs Software
Honeypots
  Specter, KFSensor, Nessus
Bypassing honeypots
  Reverse www shell
    Compromise an internal system that connects via port 80 to hacker’s system
  Use anti-honeypot software to warn of honeypot systems
Enticement vs Entrapment
Honeypot Study Guide:
http://ethics.csc.ncsu.edu/abuse/hacking/honeypots/study.php