• Télécharger
An introduction to denial of service attacks
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

An introduction to denial of service attacks

le

  • 507 vues

 

Statistiques

Vues

Total des vues
507
Vues sur SlideShare
507
Vues externes
0

Actions

J'aime
0
Téléchargements
0
Commentaires
0

0 Ajouts 0

No embeds

Accessibilité

Catégories

Détails de l'import

Uploaded via as Microsoft PowerPoint

Droits d'utilisation

© Tous droits réservés

Report content

Signalé comme inapproprié Signaler comme inapproprié
Signaler comme inapproprié

Indiquez la raison pour laquelle vous avez signalé cette présentation comme n'étant pas appropriée.

Annuler
  • Full Name Full Name Comment goes here.
    Êtes-vous sûr de vouloir
    Votre message apparaîtra ici
    Processing...
Poster un commentaire
Modifier votre commentaire

An introduction to denial of service attacks Presentation Transcript

  • 1. By: Dominic Dinkel CIS-620DoS
  • 2.  The world today is heavily dependent on the internet Denial of service attacks (DoS) are very common today.  “In each of the last six years, between seventeen percent and thirty-two percent of the organizations surveyed were the targets of a DoS attack.” -Computer Security Institute Costs businesses and governments millions of dollars each year to prevent and recover from the attacks.
  • 3.  An attack that attempts to stop or prevent a legitimate user from accessing a service or system. The attacker will either directly attack the users network or system or the system or service that the users are attempting to access. Distributed denial of service attack (DDoS): ◦ This type of attack is distributed among many different systems making it more powerful and harder to shutdown.
  • 4.  Unusually slow network performance, unavailability of a particular website, inability to access any website, and dramatic increase in the amount of spam you receive. Symptoms could stem from hardware or software problems and mistaken for a DoS. Users can take steps to prevent becoming part of a botnet: ◦ Install and use Anti-virus software ◦ Setup a firewall to protect your system from unauthorized access ◦ Use common sense security practices to avoid malware, trojans and viruses
  • 5.  Nick-named “Smurf attack” after a program used to make ICMP flooding attacks. This attack works by sending fake ICMP echo request packets to the networks broadcast address. The attacker will send an ICMP echo request from a location outside the victim’s network to an intermediary who then passes it on to their networks broadcast address. When all machines on the network send a reply packet back, it creates severe problems.
  • 6.  This type of attack takes advantage of the SYN request process. ◦ Client attempts a TCP connection by sending a SYN request to server ◦ Server responds by sending a SYN-ACK message back ◦ Client then completes the request by sending a an ACK message to the server Attacker takes advantage of this process by flooding the server with SYN requests and never responding to SYN-ACK ◦ Attacker can use spoofed IP addresses, the SYN-ACK goes to faked address The server is left waiting for the ACK message and leaves many connections open. Legitimate requests are ignored.
  • 7.  Attacks are illegal and break the terms of service of most ISPs In the United States, these crimes are covered at the federal level by the Computer Fraud and Abuse Act In 2006, the U.K. finally passed a specific law calling out DoS attacks as illegal. ◦ Punishable by up to 10 years in prison Laws are ambiguous and often open to interpretation Attacks are seen by some, such as Anonymous, as legal forms of protest Distributed forms of attack are hard to prosecute ◦ Attackers are often outside the jurisdiction of the victim’s country
  • 8.  Attacks are being used by governments against other governments The next major war will most likely see the use of DoS attacks United States and Iran have traded blows recently over Iran’s nuclear program ◦ Attacks against major US banks in January 2013 are suspected to have come from Iran Russian conflict with Georgia over South Ossetia in 2008 ◦ Georgian systems suffered major DoS attacks while Russian troops intervened in South Ossetia China has used attacks to target Chinese human rights organizations