April 23, 2010

Food for thought !!

By 0x90

Hey every body !! Its been along time i posted on my blog ! I recently had an interview with some security managers of a Multi National Company ! We discussed about alot of Network Security Issues ! Although my mind was kinda rusted because i have lately been working on Web Application vulnerabilities and bypass etc ! i was asked a few questions regarding IDS bypass ! That how it can be done ! and also questions about how to secure the internal network from browser exploits and web worms.And another problem to manage thousands of computers on a remote home/corporate network.

Well there were many solutions. We discussed some of them there but then it kept me thinking. So i came up with a solution.

Back in 2007 i was working with SUNray Thin Clients !! As you can see in the picture below ! What it does is exactly what dumb terminals used to do !They get booted from a remote server and every thing is loaded from that server. The problem was the remote management of 1000s of computers accross the country ! Now with this one can easily boot remote sunray clients through Satellite , from the central server at a central location.

Now the issues that could arise are that sunray thin clients are not a very good solution in some situations , that is if some one wants to use USB or some Director level dude wants to have full controll over which applications he/she has access to , is very difficult ! And then this solution fails. But normally it is the best solution for remote management of computers.

The second problem was IDS bypass ! Well that is pretty simple , what IDS/IDP Systems do is , that it scans the payload on the application layer level to check for anomaly or checks against a DB with signatures and also has many other ways to detect. But I am going to look at theย  Application Layer level portion of the above sentence. Well to bypass it one can easily encrypt the payload ! Now it can be stopped by checking the destination port and that can also be changed !

The third one was to check n mitigate web browser attacks well the solution for that is Websense module for different Hardware firewalls and proxies , which scans the webtraffic for malicious traffic. ๐Ÿ˜‰ ! Feel free to comment , if there are more solutions for the problems !

Stay safe ๐Ÿ™‚

About 0x90

Infosec professional View all posts by 0x90
This entry was posted on Friday, April 23rd, 2010 at 8:51 pm and tagged with , , , and posted in Firewall Evasion, Hacking & Security. You can follow any responses to this entry through the RSS 2.0 feed.

One response to “Food for thought !!

Leave a comment