Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

focus-ids logo IDS mailing list archives

Re: backdoor detection
From: "Ramesh Gupta" <ramesh () intruvert com>
Date: Fri, 27 Dec 2002 16:30:17 -0800 (PST)
The best and most accurate way to detect non-encrypted backdoors is by
performing thorough content analysis of each packet of each flow, which
requires considerable computing cycles when performed in software, unless
assisted by hardware acceleration.

For detecting encrypted backdoors, one has to resort
to statistical or timing analysis of traffic and anomaly detection methods.

The following paper outlines some content analysis methods
and a timing analysis method for detecting backdoors,
which you might find useful. Also, the References section
of the paper points to other relevant papers.

www.icir.org/vern/papers/backdoor-sec00.ps.gz


Regards,

Ramesh Gupta
Founder, VP Engineering
Intruvert Networks Inc.
3200-A North First Street
San Jose, CA 95134





Hi all,
   It's known backdoor is difficult to detection.
Who can give some methods availble to detect backdoor?


thanks!
lucy

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]