Section 05: Scanning Beyond IDS and Firewall
Evasion Techniques (Routing)
An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations.
Links
Techniques to evade IDS/firewalls are
Proxy servers
IP address spoofing
Mac address spoofing
Packet fragmentation
Packet fragmentation
IP fragmentation is an Internet Protocol (IP) process that breaks packets into smaller pieces (fragments), so that the resulting pieces can pass through a link with a smaller maximum transmission unit (MTU) than the original packet size. The fragments are reassembled by the receiving host.
Links
Source routing
In computer networking, source routing, also called path addressing, allows a sender of a packet to partially or completely specify the route the packet takes through the network.
Links
Evasion Techniques (Spoofing)
Internet protocol (IP) address spoofing
In computer networking, IP address spoofing or IP spoofing is the creation of Internet Protocol (IP) packets with a false source IP address, for the purpose of impersonating another computing system.
Links
Media Access Control Address Spoofing
MAC spoofing is a technique for changing a factory-assigned Media Access Control (MAC) address of a network interface on a networked device. The MAC address that is hard-coded on a network interface controller (NIC) cannot be changed. However, many drivers allow the MAC address to be changed.
Links
Evasion Techniques (Other)
Randomizing host order. The nmap option --randomize-hosts man pages is
Proxy Server
In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource.
Last updated