Question

Explain three ways for the attacker to avoid raising alarms from intrusion detection systems.

Answer 1

The three ways for the attacker to avoid raising alarms from intrusion detection systems are

Step-by-step explanation:

Session splicing and fragmentation - involve breaking, slicing, and splitting packets into multiple pieces such that no single packet causes the IDS to trigger an alert.

Invalid packets - Sending invalid TCP packets is another way of evading an IDS.

Polymorphic shellcodes -Most IDS systems have a standard default set of intrusion signatures. Attackers can modify the attack payload so that it doesn’t match the default IDS signature and gets through it.

Hope it helps, any confusion you may ask!

Answer 2

IDS or Intrusion detection system is very powerful but clever attack can make it reckless

#1

• Use Insertion attack

It generally denotes to sending dummy intruders in multiple amount the IDS gets confused and attacker can go

#2

Using codewords or doing encoding and decoding(Obfuscating)

• Its very useful technique

#3

Using shell codes

• IDS will be failed if you successfully implement it