You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System. What is the best approach?
A.
Use Alternate Data Streams to hide the outgoing packets from this server.
B.
Use HTTP so that all traffic can be routed vis a browser, thus evading the internal Intrusion Detection Systems.
C.
Install Cryptcat and encrypt outgoing packets from this server.
D.
Install and use Telnet to encrypt all outgoing traffic from this server.
Cryptcat enables us to communicate between two systems and encrypts the communication between them with twofish, one of many excellent encryption algorithms from Bruce Schneier et al. Twofish’s encryption is on par with AES encryption, making it nearly bulletproof. In this way, the IDS can’t detect the malicious behavior taking place even when its traveling across normal HTTP ports like 80 and 443.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit