tailieunhanh - Module 23 Evading IDS Firewall and Honeypot

Firewall (construction), a barrier inside a building or vehicle, designed to limit the spread of fire, heat and structural collapse Firewall (automobile), the part of the vehicle that separates the engine from the driver and passengers Firewall (computing), a technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts | M c IH Certified Ethical Hacker Ethical Hacking and Countermeasures Version 6 Module XXIII Evading IDS Firewalls and Honeypots IM c EH Scenario Certified Ethical Hacker eGlobal Bank had expanded its web presence to include a large number of Internet services. In addition to regular banking services the Bank was now offering bill payment and other transactional services online. They were becoming concerned at the increasing number of web-hacking attacks that were being directed at the Banking Sector. The Bank had basic experience in security and had a firewall installed by a third party supplier few months ago. Few days later bank officials were taken aback by the news that their servers were hacked and sensitive information of thousands of customers was stolen. The stolen information consisted of the details about the customers bank account numbers credit card numbers and their passwords. Something had gone wrong with the Web server. How could the web server be targeted even though the firewall was installed EC-Council Copyright by Ec-Council All Rights Reserved. Reproduction is Strictly Prohibited IM c E H News Certified Ethical Hacker darkREADiNG RISKY B Ụ ị I N E5 Í Attackers Use New Call-Home Method to Infiltrate Home Networks Honeynet Project researchers witness stealthy new method of botnet communication JANUARY 17 2008 I 5 45 PM By Kelly Jacksoil Higgins Senior Editor Dark Reading Now the bad guys have discovered a way to set up a stealthy continuous connection between the machines they infect and their own command and control servers. Researchers with the Honeynet Project have been studying a new method being used by botnet operators and other cyber criminals that sets up what s called a reverse tunnel proxy connection - a connection through the victim s Network Address Translation NAT -based filtering device such as a home router or other router or firewall. What makes this approach different from traditional botnet relationships is that the command and .