Attacks using Evasion Technique Highlights Problems with Signature-Based IPS
Released on = June 4, 2007, 6:55 am
Press Release Author = MRB Public Relations Inc.
Industry = Telecommunications
Press Release Summary = Arxceo Helps Customers Prevent Attacks, Not Respond to Them
Press Release Body = Arxceo Helps Customers Prevent Attacks, Not Respond to Them
HUNTSVILLE, Ala., June 4, 2007 - Arxceo® Corporation, a provider of anti-reconnaissance and anomaly behavioral-based attack prevention technology, announced today that it is unaffected by IPS/IDS evasion techniques.
The U.S. Computer Emergency Response Team (US-CERT) recently reported a network evasion technique using full-width and half-width unicode characters to evade detection by an Intrusion Prevention System (IPS) or firewall. Attackers could use this technique to hide attack code within a wrapper so that it no longer matches a known attack signature. This may allow attackers to strike systems normally protected by an IPS or firewall.
Arxceo customers are automatically protected against these types of attacks with no need to patch or alter their product to defend against these and other common exploits. Arxceo's advanced anti-reconnaissance and signature-less zero-day protection doesn\'t require or rely on complex traffic reconstruction, unlike popular, legacy approaches. When new vulnerabilities arise, vendors use these opportunities to rush out a new signature or patch in order to be the first to reiterate their "solid defense".
"There is much evidence that signature-based defenses for Anti-virus can't keep up with the mass amounts of viruses we are facing today," said Fran Howarth, Partner, Hurwitz & Associates. "Signature-based methods are easy to circumvent and as a result businesses should think twice about relying on them for primary security protection. The same holds true for IPS and IDS solutions that rely on these methods."
"Our competitors scramble to add signatures and patch work-arounds and then announce these plugged holes like they have done something heroic," said Chandler Hall, Co-founder of Arxceo. "In reality, all they are really doing is showcasing their potential vulnerabilities that have existed all along. It's odd that these very vendors also market their "zero-day defenses", yet seem to always respond with a new signature release post-occurrence."
"We believe it's important to showcase our true zero-day defense so that our customers, and the market in general, understand the value of our approach," Hall added. "It's important for the market to know that a unique, patented signature-free technology is available. As our anti-reconnaissance technology continues to gain industry accolades, we hope to see other vendors reduce their dependence on signature patching and begin integrating signature-free defenses into their product lines."
About Arxceo® Corporation Arxceo provides anti-reconnaissance and anomaly behavioral-based, attack-prevention appliances that help secure networks from information gathering, vulnerability exploitation, zero-day worm attacks and other malicious network traffic. Arxceo's patented Plug and Protect and Tagged Universal Resource Information Transmission technologies combine to provide the world\'s best anti-reconnaissance layer -- preventing attackers from mining vulnerabilities to exploit. After passing through this layer, Arxceo\'s unique anomaly and behavior-based zero-day attack prevention engines monitor and stop attacks effectively without the use of any signatures. Arxceo is now a JCI Group Company. JCI is a world-leading wireless data solution provider servicing enterprises and individuals requiring secure data communication. For more information, visit www.arxceo.com.