Anti-IDS Tools and Tactics

Over the past twenty years the World Wide Web has grown from a network used purely for the exchange of academic information to the mainstream medium we now use for communication, education, business and a plethora of other uses. This growing reliance on the Internet has forced us to look closely at the lack of security surrounding the interaction we have with the web, and as exposure and risks increase organizations constantly seek to improve their security stance. The latest addition to the range of security technology that can be deployed is the Intrusion Detection System (IDS). IDSs can be installed on a host to monitor system level activity, on a dedicated PC to monitor network traffic, or there is a hybrid version that combines the host based with network traffic analysis to provide greater intelligence. Regardless of the variant chosen, it is a valuable tool in the armour of the discerning Security Manager wishing to add further depth to his defence strategy. This paper focuses purely on Network ID Systems, and discusses the technical detail behind techniques that can be employed to counteract the utility of these systems and identifies tools that actually use the techniques described.