Firewall / IDS Evasion Techniques

44_Vikash Yadav
Sep 15, 2023

Introduction

An Intrusion Detection System (IDS) is a set of tools or systems that monitors and analyzes network traffic for suspicious activity and issues an alert when such activity is observed.

Similarly, a firewall is a network security framework that manages outbound and inbound network traffic by permitting or blocking packets based on a set of security rules.

Although firewalls and IDSs can prevent malicious packets from entering a network, an attacker can send manipulated packets to the target in a way that evades the IDS or firewall. There are several such evasion techniques.

The following are a few of the top techniques used to evade a firewall or an Intrusion Detection System:

Packet Fragmentation

As the name suggests, packet fragmentation is a method in which an attacker splits the probe packets into several smaller fragments before sending them to the target network. When the fragments reach the target system, the IDS or firewall enqueues them and processes them one by one. However, the large number of packets produced by fragmentation requires more CPU and network resources to process. Most Intrusion Detection Systems are configured to skip fragmented packets during scanning.

Source Routing

An IP datagram contains several fields, which also include source routing information: a list of IP addresses through which the packet will travel to reach its destination. As packets travel through the different nodes in a network, each router examines the destination IP address of the packet and chooses the next hop to direct it toward its destination.
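From the defender's side, both fragmentation (see Packet Fragmentation above) and source routing leave visible marks in the IPv4 header. The Python code below is an added example, not part of the original post: it parses raw IPv4 headers and flags fragments, undersized first fragments, and LSRR/SSRR source-route options. The sample packets, the documentation-range addresses, and the 20-byte threshold are constructed assumptions.

```python
import struct

SOURCE_ROUTE_OPTS = {131: "LSRR", 137: "SSRR"}  # IPv4 option types (RFC 791)
MIN_FIRST_FRAG_PAYLOAD = 20  # assumed threshold: a minimal TCP header is 20 bytes

def build_header(frag_field=0, options=b"", payload_len=40):
    """Build a constructed sample IPv4 header (checksum left at 0)."""
    options += b"\x00" * (-len(options) % 4)          # pad options to 32-bit words
    ihl = 5 + len(options) // 4
    return struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + payload_len,
                       0x1234, frag_field, 64, 6, 0,
                       bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7])) + options

def inspect(pkt):
    """Return findings for one raw IPv4 header: fragments and source-route options."""
    if len(pkt) < 20:
        return ["truncated header"]
    ver_ihl, _, total_len, _, frag = struct.unpack("!BBHHH", pkt[:8])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(pkt) < ihl:
        return ["malformed header"]
    findings = []
    more, offset = bool(frag & 0x2000), (frag & 0x1FFF) * 8
    if more or offset:                                # MF flag set or non-zero offset
        findings.append(f"fragment offset={offset} MF={int(more)}")
        if more and offset == 0 and total_len - ihl < MIN_FIRST_FRAG_PAYLOAD:
            findings.append("tiny first fragment")
    i = 20
    while i < ihl:                                    # walk the options area
        opt = pkt[i]
        if opt == 0:                                  # End of Option List
            break
        if opt == 1:                                  # No-Operation, single byte
            i += 1
            continue
        length = pkt[i + 1] if i + 1 < ihl else 0
        if length < 2 or i + length > ihl:
            findings.append("malformed option")
            break
        if opt in SOURCE_ROUTE_OPTS:
            findings.append(f"source route option {SOURCE_ROUTE_OPTS[opt]}")
        i += length
    return findings

if __name__ == "__main__":
    lsrr = bytes([131, 7, 4, 203, 0, 113, 1])         # constructed LSRR, one hop
    for name, pkt in [("plain", build_header()),
                      ("first fragment", build_header(0x2000, payload_len=8)),
                      ("later fragment", build_header(185)),
                      ("source routed", build_header(options=lsrr))]:
        print(name, inspect(pkt))
```

A sensor that skips fragments entirely would report nothing for the second and third sample packets, which is why the fragment fields are checked before any payload inspection.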

Spoofing the IP Address

IP address spoofing is a hijacking technique in which an attacker obtains a computer’s IP address, alters the packet headers, and then sends request packets to the target machine while pretending to be a legitimate host. The packets appear to come from a legitimate source but are actually sent from the attacker’s machine.

Randomizing the order of Host

The attacker scans the hosts in the target network in a random order in order to scan the intended target that is secured behind the firewall. Our favorite tool, Nmap, also provides an option for randomizing hosts.

