The secrets of DDoS attacks

Upload: adam-siemion

Post on 31-May-2018


  • 8/14/2019 The secrets of DDos attacks

    1/9

    The secrets of DDoS attacks

    Adam Siemion


    Contents

    Introduction (what is DoS and DDoS?)
    Threats
    Timeline
    Solutions


    DoS

    Denial of Service (DoS) attack: an incident that disables a victim from receiving or providing normal service.

    Relies on consuming limited or non-renewable system resources.

    Can be launched by using system design weaknesses, CPU-intensive tasks or flooding.


    DDoS

    Distributed Denial of Service does not depend on system or protocol weaknesses.

    Uses the computing power of thousands of vulnerable, unpatched machines to overwhelm a target or a victim.

    Compromised hosts are gathered to send useless service requests at the same time.

    The burst of generated traffic crashes the victim or disables it.


    Threats

    Hard to detect and stop.

    Can spread within a few minutes.

    Usually the period of flooding lasts for a few hours and is sporadic.

    IP spoofing makes it harder to identify attackers.


    DDoS timeline

    February 2000: DDoS attack caused shutdown of Yahoo, Amazon, eBay for a few hours.

    May 2001: worm Code Red was supposed to attack the White House web page.

    October 2002: DDoS attack against DNS servers.

    August 2003: worm Blaster attacks the Microsoft web page.

    January 2004: virus MyDoom has infected 1 million computers, which attack the SCO web page.


    Losses

    In 2000 the entire Yahoo network was down for three hours, causing losses of around $500,000.


    Solutions to DDoS

    Attack prevention and preemption
      Regular patching and security updates.
      Prevent hosts from becoming masters/agents.

    Attack source traceback
      Identify source of the attack and block it.
      Cannot always trace packet origins.

    Attack detection and filtering
      Identify attack packets.
      Drop suspect packets.
      While filtering, dropping of useful packets should be minimum.
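
An added example, not part of the original slides: a per-source token-bucket filter run over a constructed trace, reporting both the fraction of attack packets dropped and the fraction of useful packets dropped. The names `PerSourceTokenBucket`, `constructed_trace` and `drop_rates`, the thresholds and all addresses are assumptions for illustration; the `spoofed=True` trace shows why the IP spoofing noted under Threats defeats filtering keyed on source address.

```python
from collections import defaultdict

class PerSourceTokenBucket:
    """Allow each source `rate` packets/s on average, with bursts up to `burst`."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens = defaultdict(lambda: float(burst))  # new sources start full
        self.last_seen = {}

    def allow(self, src, ts):
        elapsed = ts - self.last_seen.get(src, ts)
        self.last_seen[src] = ts
        # Refill for the time elapsed since this source's previous packet.
        self.tokens[src] = min(self.burst, self.tokens[src] + elapsed * self.rate)
        if self.tokens[src] >= 1:
            self.tokens[src] -= 1
            return True
        return False  # suspect packet: drop

def constructed_trace(spoofed=False):
    """Constructed 10 s trace of (timestamp, source, label) tuples.

    5 clients send 2 packets/s each; 3 agents flood at 200 packets/s each.
    With spoofed=True every flood packet carries a different source address.
    """
    packets = []
    for c in range(5):
        packets += [(k * 0.5 + c * 0.01, f"192.0.2.{c + 1}", "useful")
                    for k in range(20)]
    for a in range(3):
        for k in range(2000):
            src = f"spoofed-{a}-{k}" if spoofed else f"198.51.100.{a + 1}"
            packets.append((k * 0.005, src, "attack"))
    return sorted(packets)

def drop_rates(packets, rate, burst):
    """Return (fraction of attack packets dropped, fraction of useful packets dropped)."""
    bucket = PerSourceTokenBucket(rate, burst)
    dropped = {"attack": 0, "useful": 0}
    total = {"attack": 0, "useful": 0}
    for ts, src, label in packets:
        total[label] += 1
        if not bucket.allow(src, ts):
            dropped[label] += 1
    return dropped["attack"] / total["attack"], dropped["useful"] / total["useful"]
```

With `rate=5, burst=10` the unspoofed flood is dropped almost entirely and no useful packet is lost, while `rate=1, burst=2` starts dropping useful packets as well.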
