Firewall / IDS Evasion Techniques

44_Vikash Yadav
Sep 15, 2023

Introduction

An Intrusion Detection System (IDS) is a set of tools or systems that monitors and analyzes network traffic for suspicious activity and issues alerts when such activity is observed.

Similarly, a firewall is a network security framework that manages outbound and inbound network traffic by permitting or blocking packets based on a set of security rules.

Although firewalls and IDSs can prevent malicious packets from entering a network, an attacker can send manipulated packets to the target that evade the IDS or firewall. There are several such evasion techniques.

The following are a few of the top techniques used to evade a firewall or an intrusion detection system:

Packet Fragmentation

As the name suggests, packet fragmentation is a method in which an attacker splits the probe packets into several smaller fragments before sending them to the target network. When the packets reach the target system, the IDS or firewall enqueues them and processes them one by one. However, the large number of packets produced by fragmentation requires greater CPU and network resource consumption, and most intrusion detection systems are configured to skip fragmented packets during scanning.
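From the defender's side, the following added example (not part of the original post) shows why an inspection engine that skips fragments misses a signature split across two fragments, while one that reassembles by (source, destination, protocol, identification) finds it. The packets, addresses and signature are constructed, payloads are treated as opaque bytes, and fragments are assumed not to overlap.

```python
import struct
from collections import defaultdict

def make_fragment(ident, offset_units, more, payload,
                  src=b"\xc0\x00\x02\x01", dst=b"\xc0\x00\x02\x02"):
    """Build a constructed IPv4 packet (20-byte header, checksum left 0)."""
    flags_off = (0x2000 if more else 0) | offset_units   # MF bit + offset/8
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident,
                       flags_off, 64, 6, 0, src, dst) + payload

def parse(pkt):
    """Return (flow key, byte offset, more-fragments flag, payload)."""
    ver_ihl, _, total, ident, flags_off, _, proto, _, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return ((src, dst, proto, ident), (flags_off & 0x1FFF) * 8,
            bool(flags_off & 0x2000), pkt[ihl:total])

def find_signature(packets, signature, reassemble):
    """Return the flow keys whose payload contains `signature`."""
    hits, pending = set(), defaultdict(dict)
    for pkt in packets:
        key, off, more, data = parse(pkt)
        if not (more or off):              # unfragmented: inspect directly
            if signature in data:
                hits.add(key)
            continue
        if not reassemble or not data:     # "skip fragments" configuration
            continue
        frags = pending[key]
        frags[off] = (data, more)
        buf, pos = b"", 0                  # walk contiguous fragments from 0
        while pos in frags:
            d, m = frags[pos]
            buf += d
            pos += len(d)
            if not m:                      # last fragment reached, no holes
                if signature in buf:
                    hits.add(key)
                del pending[key]
                break
    return hits

SIG = b"EXAMPLE-SIGNATURE"                 # constructed signature
PAYLOAD = b"A" * 8 + SIG + b"B" * 4        # constructed payload, 29 bytes
SAMPLE = [make_fragment(7, 2, False, PAYLOAD[16:]),   # arrives out of order
          make_fragment(7, 0, True, PAYLOAD[:16])]
```

A production reassembler also needs per-flow timeouts, memory limits and a policy for overlapping fragments.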

 

Source Routing

An IP datagram contains several fields, which also include the source routing information and a list of IP addresses through which the packet will travel to reach its destination. As packets travel through the different nodes in the network, each router examines the destination IP address associated with the packet and chooses the next hop to direct it to its destination.

Spoofing the IP Address

Spoofing the IP address is a hijacking technique in which an attacker obtains a computer's IP address, alters the packet headers, and then sends request packets to the target machine, pretending to be a legitimate host. The packets appear to come from a legitimate source but are actually sent from the attacker's machine.

Randomizing the order of Host

The attacker scans the hosts in the target network in a random order to scan the intended target that is secured behind the firewall. Nmap, our favorite tool, also provides an option for randomizing hosts.

