IDS mailing list archives
Re: backdoor detection
From: "Ramesh Gupta" <ramesh () intruvert com>
Date: Fri, 27 Dec 2002 16:30:17 -0800 (PST)
The best and most accurate way to detect non-encrypted backdoors is by performing thorough content analysis of each packet of each flow, which requires considerable computing cycles when performed in software, unless assisted by hardware acceleration. For detecting encrypted backdoors, one has to resort to statistical or timing analysis of traffic and anomaly detection methods. The following paper outlines some content analysis methods and a timing analysis method for detecting backdoors, which you might find useful. Also, the References section of the paper points to other relevant papers. www.icir.org/vern/papers/backdoor-sec00.ps.gz Regards, Ramesh Gupta Founder, VP Engineering Intruvert Networks Inc. 3200-A North First Street San Jose, CA 95134
Hi all, It's known backdoor is difficult to detection. Who can give some methods availble to detect backdoor? thanks! lucy __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Current thread:
- backdoor detection lee lucy (Dec 27)
- Re: backdoor detection Mattias Hedenskog (Dec 29)
- <Possible follow-ups>
- Re: backdoor detection Ramesh Gupta (Dec 29)
- Re: backdoor detection Jose Nazario (Dec 30)