Web Application Hacking 104 + Exploitation Development 104
W. Owen Redwood, Ph.D.
Offensive Computer Security 2.0
http://hackallthethings.com/
Outline
● IDS / IPS
● WAF
● Defeating IDS / IPS & WAF:
  ○ Web vs Binary Exploitation
    ■ You should understand the differences by now
  ○ connect back shellcode
    ■ refresher on port binding shellcode
  ○ encoded/polymorphic shellcode
Network Intrusion Detection/Prevention Systems: (IDS / IPS)
● Primarily defend against transport & network level attacks
  ○ monitors for malicious activity or policy violations
    ■ reports to a management station
    ■ usually on a per-packet basis
IDS / IPS packet inspection
● Stateful Packet Inspection:
  ○ scan TCP / UDP headers for incoming and outgoing packets
    ■ protocol noncompliance
  ○ forms a state model for each connection
    ■ for each SYN packet
  ○ prevents certain kinds of denial of service attacks (TCP)
Stateful packet inspection: drop packets violating TCP state machine
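The stateful inspection described on this slide, as an added example that is not part of the original slides: a simplified tracker that creates a state entry for each SYN and drops segments that do not fit the TCP handshake. The class name, function names and sample trace are assumptions made for illustration; it looks at flags only and ignores sequence numbers and timeouts.

```python
# Added illustration (not from the slides): TCP state tracking on flags only, no seq/timeout checks.
SYN_SENT, SYN_RCVD, ESTABLISHED = "SYN_SENT", "SYN_RCVD", "ESTABLISHED"
class StatefulInspector:
    def __init__(self):
        self.table = {}  # (client_ip, client_port, server_ip, server_port) -> state
    def inspect(self, src, sport, dst, dport, flags):
        """Return 'ACCEPT' or 'DROP' for one TCP segment; flags is e.g. {'SYN', 'ACK'}."""
        flags = frozenset(flags)
        # Protocol noncompliance: flag combinations no compliant stack sends.
        if not flags or {"SYN", "FIN"} <= flags or {"SYN", "RST"} <= flags:
            return "DROP"
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if fwd in self.table:
            key, from_client = fwd, True
        elif rev in self.table:
            key, from_client = rev, False
        elif flags == {"SYN"}:
            self.table[fwd] = SYN_SENT  # a state model is created for each SYN
            return "ACCEPT"
        else:
            return "DROP"  # no handshake was seen for this 4-tuple
        state = self.table[key]
        if "RST" in flags:
            del self.table[key]  # connection torn down, forget its state
            return "ACCEPT"
        if state == SYN_SENT:  # only the server's SYN+ACK may follow
            ok, nxt = (not from_client and flags == {"SYN", "ACK"}), SYN_RCVD
        elif state == SYN_RCVD:  # only the client's final ACK may follow
            ok, nxt = (from_client and flags == {"ACK"}), ESTABLISHED
        else:  # ESTABLISHED: data, ACKs and FINs pass; a new SYN does not
            ok, nxt = ("SYN" not in flags), ESTABLISHED
        if ok:
            self.table[key] = nxt
        return "ACCEPT" if ok else "DROP"

# Constructed sample trace (documentation addresses from RFC 5737).
C, S = ("192.0.2.10", 40000), ("198.51.100.5", 80)
TRACE = [
    (*S, *C, {"ACK"}),          # mid-stream ACK, no state yet
    (*C, *S, {"SYN"}),          # handshake step 1
    (*C, *S, {"ACK"}),          # client ACK before the server's SYN+ACK
    (*S, *C, {"SYN", "ACK"}),   # handshake step 2
    (*C, *S, {"ACK"}),          # handshake step 3
    (*C, *S, {"PSH", "ACK"}),   # data on the established connection
    (*C, *S, {"SYN", "FIN"}),   # illegal flag combination
]

def run(trace):
    spi = StatefulInspector()
    return [spi.inspect(*pkt) for pkt in trace]
```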