Firewall / IDS Evasion Techniques

44_Vikash Yadav
Sep 15, 2023

Introduction

An Intrusion Detection System (IDS) is a set of tools or systems that monitors and analyzes network traffic for suspicious activity and issues alerts when any such activity is observed.

Similarly, a firewall is a network security framework that manages outbound and inbound network traffic by permitting or blocking packets based on a set of security rules.

Although firewalls and IDSs can prevent malicious packets from entering a network, an attacker can send manipulated packets to the target so that they evade the IDS or firewall. There are several such evasion techniques.

 

The following are a few of the top techniques used to evade a firewall or an intrusion detection system:

Packet Fragmentation

As the name suggests, packet fragmentation is a method in which an attacker splits the probe packets into several smaller fragments before sending them to the target network. When the packets reach the target system, the IDS or firewall enqueues them and processes them one by one. However, the large number of packets produced by fragmentation requires greater CPU and network resource consumption. Most intrusion detection systems are configured to skip fragmented packets during scanning.

 

Source Routing

An IP datagram contains several fields, which also include the source routing information and a list of IP addresses through which the packet will travel to reach its destination. As packets travel through the different nodes in the network, each router examines the destination IP address associated with the packet and chooses the next hop to direct it toward its destination.
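A defender-side check for the two header-level techniques described above (packet fragmentation and source routing), as an added example that is not part of the original post: it parses a raw IPv4 header and flags fragments and loose/strict source-route options. The function names, finding labels and sample headers are constructed for illustration.

```python
import struct

LSRR, SSRR = 0x83, 0x89  # RFC 791 loose / strict source-route option types

def inspect_ipv4(header: bytes) -> list:
    """Return findings for one raw IPv4 header: fragments and source-route options."""
    if len(header) < 20:
        return ["truncated"]
    ver_ihl, _tos, _total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > len(header):
        return ["bad-header"]
    findings = []
    # MF flag set or a non-zero offset means this packet is one piece of a larger datagram.
    if flags_frag & 0x2000 or flags_frag & 0x1FFF:
        findings.append("fragment")
    opts, i = header[20:ihl], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:        # End of Option List
            break
        if kind == 1:        # No-Operation, single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            findings.append("malformed-option")
            break
        if kind in (LSRR, SSRR):
            findings.append("source-route")
        i += opts[i + 1]
    return findings

def build_header(flags_frag=0, options=b""):
    """Constructed sample header (RFC 5737 documentation addresses, checksum left as 0)."""
    options += b"\x00" * (-len(options) % 4)      # pad options to a 32-bit boundary
    ihl = 5 + len(options) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4, 0x1234,
                        flags_frag, 64, 6, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return fixed + options

SAMPLES = {  # constructed inputs, not captured traffic
    "plain": build_header(),
    "dont-fragment": build_header(flags_frag=0x4000),
    "first-fragment": build_header(flags_frag=0x2000),
    "later-fragment": build_header(flags_frag=0x0010),
    "lsrr": build_header(options=bytes([LSRR, 7, 4, 203, 0, 113, 1])),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:15} {inspect_ipv4(raw) or 'clean'}")
```

A sensor that logs these findings instead of skipping such packets gives an analyst a record of fragmented or source-routed traffic to review.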

 

Spoofing the IP Address

Spoofing the IP address is one of the hijacking techniques, in which an attacker obtains a computer's IP address, alters the packet headers, and then sends request packets to the target machine, pretending to be a legitimate host. The packets appear to come from a legitimate source but are actually sent from the attacker's machine.

 

Randomizing the Order of Hosts

The attacker scans a number of hosts in the target network in random order so as to scan the intended target, which is secured behind the firewall. Our favorite tool, Nmap, also provides an option for randomizing hosts.

