Firewall / IDS Evasion Techniques

44_Vikash Yadav
Sep 15, 2023

Introduction

An Intrusion Detection System (IDS) is a set of tools or systems that monitors and analyzes network traffic for suspicious activity and issues alerts when such activity is observed.

Similarly, a firewall is a network security framework that manages outbound and inbound network traffic by permitting or blocking packets based on a set of security rules.

Although firewalls and IDSs can prevent malicious packets from entering a network, an attacker can send manipulated packets to the target that evade the IDS or firewall. There are several such evasion techniques.

The following are some of the top techniques used to evade a firewall or an intrusion detection system:

Packet Fragmentation

As the name suggests, packet fragmentation is a method in which an attacker splits the probe packets into several smaller fragments before sending them to the target network. When the fragments reach the target system, the IDS or firewall queues them and processes them one by one. However, processing the many packets produced by fragmentation consumes more CPU and network resources. Most intrusion detection systems are configured to skip fragmented packets during scanning.

Source Routing

An IP datagram contains several fields, including source routing information and a list of IP addresses through which the packet will travel to reach its destination. As a packet travels through the different nodes in the network, each router examines the destination IP address associated with it and chooses the next hop to direct the packet to its destination.
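
A defender-side check for the two header-level techniques above (packet fragmentation and source routing), as an added example that is not part of the original post: it parses a raw IPv4 header and reports fragments, undersized first TCP fragments, and loose or strict source-route options. The function names, finding labels and sample headers are constructed for illustration.

```python
import struct

# IPv4 option types that carry a sender-chosen route (RFC 791).
SOURCE_ROUTE_OPTS = {131: "LSRR", 137: "SSRR"}

def build_header(src, dst, flags_frag=0, options=b"", payload_len=40):
    """Build a constructed IPv4/TCP header for the samples (checksum left 0)."""
    options += b"\x00" * (-len(options) % 4)      # pad options to 32 bits
    ihl = 5 + len(options) // 4
    return struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, ihl * 4 + payload_len,
                       0x1234, flags_frag, 64, 6, 0,
                       bytes(src), bytes(dst)) + options

def inspect_ipv4(header):
    """Return the findings for one raw IPv4 header as a list of strings."""
    ihl = (header[0] & 0x0F) * 4 if len(header) >= 20 else 0
    if ihl < 20 or len(header) < ihl or header[0] >> 4 != 4:
        return ["malformed"]
    total_len, _ident, flags_frag = struct.unpack("!HHH", header[2:8])
    findings = []
    more_fragments = bool(flags_frag & 0x2000)    # MF flag
    offset = (flags_frag & 0x1FFF) * 8            # offset is in 8-byte units
    if more_fragments or offset:
        findings.append("fragment")
        # A first TCP fragment shorter than the 20-byte TCP header leaves
        # part of that header (e.g. the flags) in a later fragment.
        if offset == 0 and header[9] == 6 and total_len - ihl < 20:
            findings.append("tiny-first-fragment")
    i = 20
    while i < ihl:                                # walk the options area
        opt = header[i]
        if opt == 0:                              # End of Option List
            break
        if opt == 1:                              # No-Operation, one byte
            i += 1
            continue
        length = header[i + 1] if i + 1 < ihl else 0
        if length < 2 or i + length > ihl:
            findings.append("malformed-option")
            break
        if opt in SOURCE_ROUTE_OPTS:
            findings.append("source-route:" + SOURCE_ROUTE_OPTS[opt])
        i += length
    return findings

# Constructed samples (documentation addresses, not captured traffic).
A, B = [192, 0, 2, 10], [198, 51, 100, 5]
TINY = build_header(A, B, flags_frag=0x2000, payload_len=8)   # MF set, 8 bytes
LSRR = build_header(A, B, options=bytes([131, 7, 4, 203, 0, 113, 1]))
print(inspect_ipv4(TINY), inspect_ipv4(LSRR))
```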

Spoofing the IP Address

Spoofing the IP address is one of the hijacking techniques, in which an attacker obtains a computer’s IP address, alters the packet headers, and then sends request packets to the target machine, pretending to be a legitimate host. The packets appear to come from a legitimate source but are actually sent from the attacker’s machine.

Randomizing the Order of Hosts

The attacker scans the hosts in the target network in a random order in order to scan the intended target that is secured behind the firewall. Our favorite tool, Nmap, also provides an option for randomizing hosts.

