Evasion Techniques – Reading
Even though IPS systems provide means to prevent malicious attacks from entering the network systems beyond secured perimeter, it is still possible to evade detection through bypass of IPS/IDS and perform an attack. IPS performs deep packet filtering to reveal abnormal content or traffic behavior based on various threshold values that trigger an alert/detection and then executes prevention mechanism if configured right. Possible evasion ways are done via obfuscation, encryption and tunneling, packet fragmentation, protocol violation. One of evasion tools is Evader and others. When data is captured, an analysis of payload is performed to reveal services, sources, destination, etc.. Various IPS are used for protection, such as Palo Alto, Cisco ASA and others. It is critical to constantly review configuration design for threshold values as well as always review all logs to find out of anything might be vulnerable.
Question for the Class: What IPS is greatest in all terms in the market today?
In the News:
Following the bloody terror attacks in Paris where over 130 people were killed, the hacktivist collective Anonymous has declared total war against the Islamic State (IS, formerly ISIS/ISIL).
Anonymous released a video message, posted in French, on YouTube Sunday announcing the beginning of #OpParis, a coordinated campaign to hunt down ISIS’s social media channels and every single supporter of the jihadist group online.
The combat mission #OpParis was announced as revenge for the recent ISIS terror attacks that took place in Paris on Friday, November 13, 2015.
Under the #OpISIS online campaign, an Anonymous group hacked, defaced, unmasked, and reported thousands of ISIS Twitter accounts.
The social network giant Facebook on Friday the 13th deleted an Anonymous group page, which has been exposing and reporting social media accounts linked to pro-ISIS, as well as banned all its administrators, without giving any prior warning
Details at:
http://thehackernews.com/2015/11/parisattacks-anonymous-isis.html
http://www.ndtv.com/world-news/isis-cyber-caliphate-hacks-over-54-000-twitter-accounts-1241901
Leave a Reply