What is the best way to evade the NIDS?

You have successfully gained access to a Linux server and would like to ensure that the subsequent outgoing
traffic from this server will not be caught by a Network-Based Intrusion Detection System (NIDS).
What is the best way to evade the NIDS?

A. Encryption

B. Protocol Isolation

C. Alternate Data Streams

D. Out of band signalling

Explanation:
When the NIDS encounters encrypted traffic, the only analysis it can perform is packet-level analysis, since the
application-layer contents are inaccessible. Given that exploits against today’s networks are primarily targeted
against network services (application-layer entities), packet-level analysis ends up doing very little to protect our
core business assets.
http://www.techrepublic.com/article/avoid-these-five-common-ids-implementation-errors/
