Evading Deep Inspection for Fun and Shell
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a 45-minute conference talk from Black Hat USA 2013 that delves into the vulnerabilities of deep packet inspection systems. Learn how researchers Olli-Pekka Niemi and Antti Levomaki uncovered weaknesses in TCP/IP reassembly capabilities of various security devices, including Next Generation Firewalls, IPS, IDS, and BDS. Discover how these vulnerabilities can be exploited to bypass security measures and evade detection. Gain insights into the limitations of current anomaly detection strategies, such as blocking small TCP segments, and understand why these approaches may lead to false positives in real-world traffic scenarios. Examine the researchers' findings on evasion techniques that allow successful attacks without triggering security box logs, even with all signatures set to block.
Syllabus
Black Hat USA 2013 - Evading deep inspection for fun and shell
Taught by
Black Hat
Related Courses
An Introduction to Computer NetworksStanford University via Independent Computer Networks
University of Washington via Coursera Computer Networking
Georgia Institute of Technology via Udacity Cybersecurity and Its Ten Domains
University System of Georgia via Coursera Model Building and Validation
AT&T via Udacity