Download - 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2
![Page 1: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/1.jpg)
1
DDOS ATTACK PROGRESSION
A0953355 曾天財指導教授:梁明章 教授
![Page 2: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/2.jpg)
Types of Attacks
Penetration Eavesdropping Man-in-the-Middle Flooding
2
![Page 3: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/3.jpg)
Penetration
Attacker gets inside your machine Can take over machine and do whatever he
wants Achieves entry via software flaw(s), stolen
passwords or insider access
3
![Page 4: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/4.jpg)
Eavesdropping
Attacker gains access to same network Listens to traffic going in and out of your
machine
4
![Page 5: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/5.jpg)
Man-in-the-Middle
Attacker listens to output and controls output Can substitute messages in both directions
5
![Page 6: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/6.jpg)
Flooding Attack
Attacker sends an overwhelming number of messages at your machine; great congestion
Usually called a Denial of Service (DoS) attack, because that’s the effect
Usually involves a large number of machines, hence Distributed Denial of Service (DDoS) attack
6
![Page 7: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/7.jpg)
What is a DDoS attack?
7
“Distributed denial-of-service attack” Attempt to make a computer resource
unavailable, usually by flooding the target with internet traffic from many different sources
![Page 8: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/8.jpg)
DDoS Attacks
8
Some History First DDoS attacks were mainly directed
toward to disrupting IRC servers.
TimeLine 1996
SYN flood Worked with minimum bandwidth
![Page 9: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/9.jpg)
DDoS Attacks
9
1997 Vulnerability in Microsoft Windows TCP/IP
Stack Tools were teardrop, boink, bonk
Smurf Attack Bounce packets off misconfigured network
Lagging Just sending a lot of packets
![Page 10: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/10.jpg)
DDoS Attacks
10
1998 - 99 Targa
Multiple attacks in one tool
Attackers would work together to bring down systems
Big increase in ability to attack computer systems this year.
![Page 11: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/11.jpg)
DDoS Attacks
11
2000 Many huge sites are taken down
Big losses in profit.
2001 DNS Attacks
Microsoft
![Page 12: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/12.jpg)
DDoS Attacks
12
2002 Root DNS servers are attacked
No serious damage because of the length of the attack.
2003 - 2004 Attacking smaller sites and even some
extortion attempts. Bot networks
![Page 13: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/13.jpg)
DDoS Attacks
13
Current Hackers beginning to attack Linux/Unix machines
Many web servers are based on those operating systems
Web servers have a lot of bandwidth and having control of the server would mean a lot of attack power
Spam Screensavers Attacks spammers
![Page 14: 1 A0953355 曾天財 指導教授:梁明章 教授. Types of Attacks Penetration Eavesdropping Man-in-the-Middle Flooding 2](https://reader031.vdocuments.site/reader031/viewer/2022012321/56649dbe5503460f94ab1bde/html5/thumbnails/14.jpg)
謝謝 ~~
14