Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Detecting covert data channels?

from [jasonj] Network Security [Permanent Link]
Subject: Re: Detecting covert data channels?
Date: 8 Jul 2007 09:05:33 -0000 
 
If the data is encoded in the header then it might be very difficult the check 
the presence of covert channels. www.2factor.us/tunnel.html has  discussed and 
implemented such kind of system where in malicious covert channel is 
established by the unused header fields and the channel is encrypted.

 One of the solution (discussed at www.2factor.us/tunnel) for the IPS can be to 
normalize or enforce policies in the unused header fields. This can prevent the 
malicious covert channel. 

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
 
to learn more.
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SMTP traffic, Jose Nazario
Next by Date:  TippingPoint detection bypass, Andres Riancho
Previous by Thread:  SMTP traffic, bron
Next by Thread:  Re: Detecting covert data channels?, jeremy
Indexes:  [Date] [Thread] [Top] [All Lists]