Network Computing | Feature | Security | Watching the Watchers: Intrusion Detection | Page 6

NEWS BLOGS FORUMS NEWSLETTERS RESEARCH EVENTS DIGITAL LIBRARY CAREERS

IMMERSE YOURSELF:

Storage & Servers


	F E A T U R E

Evading NIDS With Silly Packet Games November 13, 2000
	If you've followed the IDS scene, you are probably sick of reading about the various packet games that fool NIDS products. Unfortunately, some network IDS vendors apparently still don't get it. More then a year after we first called a number of vendors out on this painful shortcoming, and almost three years since Thomas H. Ptacek and Timothy N. Newsham first published a white paper about the problems (see secinf.net/info/ids/idspaper/idspaper.html), the issues still exist. Thankfully, some of the big players, like Cisco and ISS, have finally addressed some of these techniques in the latest revisions of their products. Rest assured we'll be testing the effectiveness of their implementations. For the uninitiated, there are a number of tricks you can use to evade network-based intrusion-detection devices. Among them are fragmenting packets, monkeying with the ordering of TCP streams and fragmenting RPC calls. The concepts detailed in Ptacek and Newsham's paper were driven home when Dug Song, who at the time was working for Anzen (an IDS vendor), wrote a program called fragrouter. Fragrouter is an open-source tool for implementing some of the packet-mangling techniques Ptacek and Newsham discussed. While the concept is not rocket science, Song's program is a practical implementation of a tool that was embraced on a global scale by vendors and intruders. So if the white paper wasn't enough, intruders now have the actual tools to bypass most systems...and bypass they do. Vendors of intrusion-detection technology face some tough challenges, but this is one that should have been put in the bag years ago.

PAGE: 1 I 2 I 3 I 4 I 5 I 6 I FIRST PAGE

Ready to take that job and shove it?
Open | Close

Post Your Resume

Employers Area

News & Features

Blogs & Forums

Career Resources

Browse By:
State | City

SPONSOR

RECENT JOB POSTINGS

Featured Jobs:

Boeing seeking Software Engineer 5 in Anaheim, CA

KForce seeking Inside Sales Associate in San Diego, CA

Amalgamated Bank seeking Chief Information Officer in New York, NY

Apollo College seeking Medical Billing and Coding Instructors in Albuquerque, NM

Allstate seeking Exlusive Agent in Las Vegas, NV

For more great jobs, career-related news, features and services, please visit our Career Center.

CAREER NEWS

Federal CTO Sees IT Leading U.S. Out Of Recession

Aneesh Chopra is looking to other CIOs to advise him on fleshing out a more detailed agenda to best serve the president's IT agenda.

IT Spending To Fall By 3.8 Percent

IT spending is expected to decline by 3.8 percent in 2009 according to Gartner.

More articles from our career center


Today's Most Popular Stories • Rolling Review: SOA Appliances • Making The Move To Multicore • Rolling Review: Web 2.0 Tools Demand A Cautious Approach • Rolling Review: Windows Server 2008 Server Core
Today's News Analysis • Amazon EC2 Entices Innovative Uses With Persistent Storage • AIG Private Client Group Diagnoses SOA Glitches With BMC Solution • CA Emphasizes Holistic Enterprise IT Management • Apple Previews Its Next Mac OS 'Snow Leopard'
REPORTS Analyize In-Line NAC strategies and products.	ANALYTICS Plan and design your enterprise blade server deployments

2009 IT Salary Survey: Meager Raises, Solid Prospects

Though raises are notably smaller than a year ago, and job security�s shrinking, IT careers are looking safer than many others in this economic downturn. Get all the findings in InformationWeek's 2009 IT Salary Survey. Available FREE for a limited time.