Stonesoft bemoan lack of acceptance of advanced evasion technique research

News by Dan Raywood

Stonesoft has bemoaned a lack of interest in its research around advanced evasion techniques (AETs), claiming that other vendors do not take it seriously.

Stonesoft has bemoaned a lack of interest in its research around advanced evasion techniques (AETs), claiming that other vendors do not take it seriously.

While Stonesoft president and CEO Ilkka Hiidenheimo said that when it came to AET's, other vendors ‘had raised the bar', Otto Airamo, senior network security specialist said that there were serious detection failings by other vendor technologies.

He said that it had bought other intrusion protection and firewall detection devices in order to test them against known AETs and when it had gone back with results, the ‘reaction was usually radio-silence and they deny that the problem exists'.

Stonesoft's head of the vulnerability analysis group, Olli-Pekka Niemi, said that it updates the appliances every week and it was not running old technology, so often the AET works on the current version.

He said: “This has worked for us for two years since we put AET out there so it is a problem and since we launched Evader at Black Hat in July, there has not been much around., but other vendors cannot say it doesn't work as they can download a test. The feedback from Evader testers has been positive with thousands downloaded.”

Niemi also said that a major misunderstanding around the language used by AETs, as they use TCP-IP to talk but in a different dialect that devices do not always understand but could also lead to false positives. Stonesoft sad that when the research on AETs was originally announced, there were 180 AETs known about; this increased to 350 a year later and the amount was unknown now.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events