Distributed Intrusion Detection System Evasion

Presented at DEF CON 9 (2001), July 14, 2001, 7 p.m. (50 minutes).

Distributed Intrusion Detection System (DIDSE)

A fast connection is the new era, but your IDS system can handle it?, your Operating System can handle it?. Can you handle it?.

A DDoS is not the worse thing that an attacker can do in a distributed way. A evasion attack can take place while your IDS is just dropping packets, while it is just there checking an innumerable amount of unused packets with unused connections.

There is no tool such as this, or is it? DIDSE distributes the attack ranging the amount of packets to be sent to the network to cause a flood to even modem connections in a timing and hidden way the is virtually impossible to hide it, combined with some accuracy in penetration an attacker could easily bypass the new era security systems. He can bypass your IDS.

Presenters:

• Enrique Sanchez
  Enrique A. Sanchez is an Industrial Engineer wich previously worked as system administrator before becomming senior pen-tester in an european security firm. Enrqiue A. Sanchez is involved in education, R&D and pen-testing.

Links:

• https://defcon.org/html/defcon-9/defcon-9-speakers.html#enrique Montellano
• https://infocon.org/cons/DEF CON/DEF CON 9/DEF CON 9 video/DEF CON 9 - Enrique Sanchez - Distributed Intrusion Detection System Evasion.mp4
• https://www.youtube.com/watch?v=U2kU2vcen-o

Similar Presentations:

• DEF CON 10 (2002) / Correlation and Tracking of Distributed IDS
• DEF CON 8 (2000) / Network IDS - Do not bend, fold, spindle or mutilate