the secrets of ddos attacks
Post on 31-May-2018
216 Views
Preview:
TRANSCRIPT
-
8/14/2019 The secrets of DDos attacks
1/9
The secrets of DDoS attacks
Adam Siemion
-
8/14/2019 The secrets of DDos attacks
2/9
Contents
Introduction (what is DoS and Ddos ?) Threats Timeline Solutions
-
8/14/2019 The secrets of DDos attacks
3/9
DoS
Denial of Serivce (DoS) attack an incidentthat disables a victim from receiving orproviding normal service.
Relies on consuming limited or non-renewable system resources.
Can be launched by using system designweaknesses, CPU intensive tasks orflooding.
-
8/14/2019 The secrets of DDos attacks
4/9
DDoS
Distributed Denial of Service does notdepend on system or protocol weaknesses.
Uses the computing power of thousands ofvulnerable, unpatched machines tooverwhelm a target or a victim.
Compromised hosts are gathered to senduseless service requests at the same time.
The burst of generated traffic crashes thevictim or disables it.
-
8/14/2019 The secrets of DDos attacks
5/9
Threats
Hard to detect and stop. Can spread within a few minutes. Usually period of flooding lasts for a few
hours and is sporadic. IP spoofing makes it harder to identify
attackers.
-
8/14/2019 The secrets of DDos attacks
6/9
DdoS timeline
Febuary 2000 DdoS attack causedshutdown of Yahoo, Amazon, eBay for fewhours.
May 2001 worm Code Red was supposedto attack whitehouse web page.
October 2002 DdoS attack againts DNSservers.
August 2003 worm Blaster attacksMicrosoft web page.
January 2004 virus MyDoom has infected 1
mln of computers, which attack SCO weba e.
-
8/14/2019 The secrets of DDos attacks
7/9
Loses
In 2000 the entire Yahoo network was downfor three hours causing loses around$500,000.
-
8/14/2019 The secrets of DDos attacks
8/9
Solutions to DDoS
Attack prevention and preemption Regular patching and security updates. Prevent hosts from becoming masters/agents.
Attack source traceback Identify source of the attack and block it. Cannot always trace packet origins.
Attack detection and filtering
Identify attack packets. Drop suspect packets. While filtering dropping of useful packets should
be minimum.
-
8/14/2019 The secrets of DDos attacks
9/9
top related