Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls.

Published byPatrick Hutchinson Modified over 9 years ago

Similar presentations

Presentation on theme: "Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls."— Presentation transcript:

1 Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls

2  IDS vs IPS  Use packet sniffers  Host Based vs Network Based  Signature Based vs Anomaly Based

3  Bypassing an IDS  Change the traffic (eg: HTTP instead of ICMP)  Session Splicing  Inserting extra data  Obfuscating addresses  Use encryption  Session hijacking

4  ADMutate  Rewrites a script  Snort  Real-time packet sniffer  HIDS  traffic-logging tool  Both Linux and Windows

5  Firewalls: Hardware vs Software  Honeypots  Specter, KFSensor, Nessus  Bypassing honeypots  Reverse www shell  Compromise an internal system that connects via port 80 to hacker’s system  Use anti-honeypot software to warn of honeypot systems

6  Honeypot Study Guide:  http://ethics.csc.ncsu.edu/abuse/hacking/honeypo ts/study.php http://ethics.csc.ncsu.edu/abuse/hacking/honeypo ts/study.php

Download ppt "Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls."

Similar presentations

Intrusion Detection/Prevention Systems Charles Poff Bearing Point.

Intrusion Detection/Prevention Systems Charles Poff Bearing Point.
Password Cracking, Network Sniffing, Man-in-the-Middle attacks, and Virtual Private Networks Lab 2 – Class Discussion Group 3 Ruhull Alam Bhuiyan Keon.

Password Cracking, Network Sniffing, Man-in-the-Middle attacks, and Virtual Private Networks Lab 2 – Class Discussion Group 3 Ruhull Alam Bhuiyan Keon.
IP Masquerading Homes and Businesses: When you only have one IP but you have LOTS of machines.

IP Masquerading Homes and Businesses: When you only have one IP but you have LOTS of machines.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
IDPS (Intrusion Detection & Prevention System )

IDPS (Intrusion Detection & Prevention System )
Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.

Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.
Use of Honey-pots to Detect Exploited Systems Across Large Enterprise Networks Ashish Gupta Network Security May 2004

Use of Honey-pots to Detect Exploited Systems Across Large Enterprise Networks Ashish Gupta Network Security May 2004
1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.

1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.
NETWORK SECURITY INTRUSION DETECTION SYSTEMS (IDS) KANDIAH.M Clarkson University, Potsdam, New York.

NETWORK SECURITY INTRUSION DETECTION SYSTEMS (IDS) KANDIAH.M Clarkson University, Potsdam, New York.
Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.

Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
Use of Honey-pots to Detect Exploited Systems Across Large Enterprise Networks Ashish Gupta Network Security May 2004

Use of Honey-pots to Detect Exploited Systems Across Large Enterprise Networks Ashish Gupta Network Security May 2004
Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.

Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.
Intrusion Detection CS-480b Dick Steflik. Hacking Attempts IP Address Scans scan the range of addresses looking for hosts (ping scan) Port Scans scan.

Intrusion Detection CS-480b Dick Steflik. Hacking Attempts IP Address Scans scan the range of addresses looking for hosts (ping scan) Port Scans scan.
Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,

Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,
Cs490ns - cotter1 Intrusion Detection. cs490ns - cotter2 Outline What is it? What types are there? –Network based –Host based –Stack based Benefits of.

Cs490ns - cotter1 Intrusion Detection. cs490ns - cotter2 Outline What is it? What types are there? –Network based –Host based –Stack based Benefits of.
IDS Mike O’Connor Eric Tallman Matt Yasiejko. Overview IDS defined IDS defined What it does What it does Sample logs Sample logs Why we need it Why we.

IDS Mike O’Connor Eric Tallman Matt Yasiejko. Overview IDS defined IDS defined What it does What it does Sample logs Sample logs Why we need it Why we.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
1 Intrusion Detection Systems. 2 Intrusion Detection Intrusion is any use or attempted use of a system that exceeds authentication limits Intrusions are.

1 Intrusion Detection Systems. 2 Intrusion Detection Intrusion is any use or attempted use of a system that exceeds authentication limits Intrusions are.
Intrusion Protection Mark Shtern. Protection systems Firewalls Intrusion detection and protection systems Honeypots System Auditing.

Intrusion Protection Mark Shtern. Protection systems Firewalls Intrusion detection and protection systems Honeypots System Auditing.

Similar presentations

Ads by Google