By: Dominic Dinkel                CIS-620DoS
   The world today is heavily dependent on the internet   Denial of service attacks (DoS) are very common today.     “I...
   An attack that attempts to stop or prevent a legitimate user    from accessing a service or system. The attacker will ...
   Unusually slow network performance, unavailability of a    particular website, inability to access any website, and   ...
   Nick-named “Smurf attack” after a program used to make    ICMP flooding attacks.   This attack works by sending fake ...
   This type of attack takes advantage of the SYN request    process.    ◦ Client attempts a TCP connection by sending a ...
   Attacks are illegal and break the terms of service of most ISPs   In the United States, these crimes are covered at t...
   Attacks are being used by governments against other    governments   The next major war will most likely see the use ...
Prochain SlideShare
Chargement dans... 5
×

An introduction to denial of service attacks

431

Published on

Published in: Éducation
0 commentaires
0 mentions J'aime
Statistiques
Remarques
  • Soyez le premier à commenter

  • Be the first to like this

Aucun téléchargement
Vues
Total des vues
431
Sur Slideshare
0
À partir des ajouts
0
Nombre d'ajouts
0
Actions
Partages
0
Téléchargements
0
Commentaires
0
J'aime
0
Ajouts 0
No embeds

No notes for slide

Transcript of "An introduction to denial of service attacks"

  1. 1. By: Dominic Dinkel CIS-620DoS
  2. 2.  The world today is heavily dependent on the internet Denial of service attacks (DoS) are very common today.  “In each of the last six years, between seventeen percent and thirty-two percent of the organizations surveyed were the targets of a DoS attack.” -Computer Security Institute Costs businesses and governments millions of dollars each year to prevent and recover from the attacks.
  3. 3.  An attack that attempts to stop or prevent a legitimate user from accessing a service or system. The attacker will either directly attack the users network or system or the system or service that the users are attempting to access. Distributed denial of service attack (DDoS): ◦ This type of attack is distributed among many different systems making it more powerful and harder to shutdown.
  4. 4.  Unusually slow network performance, unavailability of a particular website, inability to access any website, and dramatic increase in the amount of spam you receive. Symptoms could stem from hardware or software problems and mistaken for a DoS. Users can take steps to prevent becoming part of a botnet: ◦ Install and use Anti-virus software ◦ Setup a firewall to protect your system from unauthorized access ◦ Use common sense security practices to avoid malware, trojans and viruses
  5. 5.  Nick-named “Smurf attack” after a program used to make ICMP flooding attacks. This attack works by sending fake ICMP echo request packets to the networks broadcast address. The attacker will send an ICMP echo request from a location outside the victim’s network to an intermediary who then passes it on to their networks broadcast address. When all machines on the network send a reply packet back, it creates severe problems.
  6. 6.  This type of attack takes advantage of the SYN request process. ◦ Client attempts a TCP connection by sending a SYN request to server ◦ Server responds by sending a SYN-ACK message back ◦ Client then completes the request by sending a an ACK message to the server Attacker takes advantage of this process by flooding the server with SYN requests and never responding to SYN-ACK ◦ Attacker can use spoofed IP addresses, the SYN-ACK goes to faked address The server is left waiting for the ACK message and leaves many connections open. Legitimate requests are ignored.
  7. 7.  Attacks are illegal and break the terms of service of most ISPs In the United States, these crimes are covered at the federal level by the Computer Fraud and Abuse Act In 2006, the U.K. finally passed a specific law calling out DoS attacks as illegal. ◦ Punishable by up to 10 years in prison Laws are ambiguous and often open to interpretation Attacks are seen by some, such as Anonymous, as legal forms of protest Distributed forms of attack are hard to prosecute ◦ Attackers are often outside the jurisdiction of the victim’s country
  8. 8.  Attacks are being used by governments against other governments The next major war will most likely see the use of DoS attacks United States and Iran have traded blows recently over Iran’s nuclear program ◦ Attacks against major US banks in January 2013 are suspected to have come from Iran Russian conflict with Georgia over South Ossetia in 2008 ◦ Georgian systems suffered major DoS attacks while Russian troops intervened in South Ossetia China has used attacks to target Chinese human rights organizations

×