Filter Evasion: Houdini on the Wire
Today security filters can be found on our network perimeter, on our servers, in our frameworks and applications. As our network perimeter becomes more secure, applications become more of a target. Security filters such as IDS and WAF are relied upon to protect applications. Intrusion detection evasion techniques were pioneered over a decade ago. How are today's filters withstanding ever evolving evasion tactics? The presentation will examine how evasion techniques worked in the past and provide insight into how these techniques can still work today; with a focus on HTTP attacks. A practical new way to bypass Snort will be demonstrated. A tool to test other IDS for the vulnerability in Snort will be demonstrated. (Outerz0ne 2009) Video of this presentation at Outerz0ne 5: http://www.irongeek.com/i.php?page=videos/rob-ragan-filter-evasion-houdini-on-the-wire
![Filter Evasion Houdini on the Wire Rob Ragan ( [email_address] ) HP Application Security Center](https://image.slidesharecdn.com/filterevasion-090310145239-phpapp02/85/Filter-Evasion-Houdini-on-the-Wire-1-320.jpg)
![Overview ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recommandé
Contenu connexe
Tendances
Tendances (20)
Similaire à Filter Evasion: Houdini on the Wire
Similaire à Filter Evasion: Houdini on the Wire (20)
Plus de Rob Ragan
Plus de Rob Ragan (10)
Dernier
Dernier (20)
Filter Evasion: Houdini on the Wire
- 1. Filter Evasion Houdini on the Wire Rob Ragan ( [email_address] ) HP Application Security Center
- 6. HTTP Filters Are Everywhere Filter Example Intrusion Detection Systems (IDS) Snort Web Application Firewall (WAF) ModSecurity Server Add-on IIS UrlScan Framework ASP.NET Request Validation Browser IE8 XSS Filter Application custom sanitizer See your code
- 8. Filter Responsibility in the OSI Model
- 48. Questions?