Internet security-Group 3
2. What is DoS?
A DoS, or “Denial of Service”, attack is one in which
a single attacking host attempts to make a
computer resource unavailable, either by
injecting a computer virus or by flooding the
network with useless traffic.
3. What is DDoS?
A DDoS, or “Distributed Denial of Service”,
attack is a tactic used to attack a
victim from multiple compromised
computers simultaneously. The attacker
installs a virus or Trojan software on
compromised systems and uses them to
flood a victim’s network in a way that the
victim’s server cannot handle.
4. How is DDoS Done?
Common forms of DDoS attacks include:
- Ping of Death: an attacker sends a ping packet larger than the
maximum IP packet size a computer system can handle, causing the system to crash.
- Ping Flood: an attacker overwhelms the target’s network with
ICMP (Internet Control Message Protocol) Echo Request packets. This consumes
a large amount of bandwidth, slowing low- to mid-speed networks down to a crawl.
- Mail Bomb: unauthorized users send a large number of email
messages with large attachments to a particular mail server, causing the disk
space to become full and resulting in denied email service for other users.
- Teardrop Attack: creates a stream of IP fragments with their offset field
overloaded. The destination host attempts to reassemble the fragments, causing
it to crash or reboot.
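As an added example (not part of the original slides), the sketch below shows how a defender could check IPv4 fragments for the two reassembly problems named above: a datagram that would reassemble past the maximum IP packet size (Ping of Death) and fragments whose offsets overlap (Teardrop). It assumes "overloaded" offsets means overlapping ones, assumes a 20-byte IP header, and uses constructed fragment tuples with hypothetical field names rather than captured traffic.

```python
from collections import defaultdict

MAX_IP_DATAGRAM = 65535  # largest total length an IPv4 header can describe
IP_HEADER_LEN = 20       # assumption: header without IP options


def check_fragments(fragments):
    """fragments: iterable of (src, ip_id, offset_units, payload_len, more_fragments).

    offset_units is the 13-bit fragment offset field, counted in 8-byte units.
    Returns {(src, ip_id): sorted list of findings} for suspicious datagrams.
    """
    groups = defaultdict(list)
    for src, ip_id, off, length, mf in fragments:
        groups[(src, ip_id)].append((off * 8, length, mf))

    findings = {}
    for key, frags in groups.items():
        issues = set()
        prev_end = 0
        for start, length, mf in sorted(frags):
            end = start + length
            if IP_HEADER_LEN + end > MAX_IP_DATAGRAM:
                issues.add("oversize")    # reassembly would exceed 65535 bytes
            if start < prev_end:
                issues.add("overlap")     # rewrites data already received
            if mf and length % 8 != 0:
                issues.add("misaligned")  # non-final fragments are multiples of 8
            prev_end = max(prev_end, end)
        if issues:
            findings[key] = sorted(issues)
    return findings


# Constructed sample input (RFC 5737 documentation addresses).
SAMPLE = [
    ("192.0.2.10", 1, 0, 1480, True),       # normal two-fragment datagram
    ("192.0.2.10", 1, 185, 520, False),
    ("198.51.100.7", 7, 0, 40, True),       # Teardrop pattern: second fragment
    ("198.51.100.7", 7, 3, 4, False),       # starts at byte 24, inside the first
    ("203.0.113.5", 9, 0, 1480, True),      # Ping of Death pattern: last fragment
    ("203.0.113.5", 9, 8189, 1480, False),  # would end at byte 66992
]

if __name__ == "__main__":
    for key, issues in check_fragments(SAMPLE).items():
        print(key, issues)
```

A check of this kind belongs at the point where fragments are reassembled (host stack, firewall or IDS), so that a flagged datagram is dropped instead of being rebuilt.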
5. Is DDoS A Real Threat?
On Christmas Eve 2012, a DDoS attack on a bank in California resulted
in a $900,000 cyberheist. The cyber attackers used the Gameover
Trojan. There were approximately 62 helpers that flooded a company’s
system, allowing the attackers to remotely control the victim’s computer
with malware and hide numerous fraudulent bank transfers in amounts
ranging from $4,000 to $100,000.
http://krebsonsecurity.com/2013/02/ddos-attack-on-bank-hid-900000-cyberheist/
On March 22, 2013, the largest DDoS ever hit the CloudFlare Network,
a host for spam fighting. While most attacks have a ceiling of around
100 Gbps, their network was hit with 120 Gbps. CloudFlare’s providers
were then hit with a massive 300 Gbps DDoS. The result was serious
internet congestion in Europe and Asia.
http://www.esecurityplanet.com/network-security/the-largest-ddos-ever-hits-the-internet.html
6. What Is A Botnet?
A botnet is a collection of Internet connected programs communicating with other
similar programs in order to perform tasks. These tasks can be as simple as
controlling an internet relay chat or as complex as a node on a distributed denial of
service (DDoS) attack. The term botnet is derived from two common words - robot
and network.
There are two different types of botnets: illegal and legal. A legal botnet has
several IRC (Internet Relay Chat) bots that set channel modes on other bots and
users while keeping IRC channels free from unwanted users. An illegal botnet targets
compromised computers whose security defenses have been breached. The controller of
the illegal botnet is able to direct the activities of the compromised computers through
communication channels.
7. Botnet That Has Been Taken Down
The Bamital botnet hijacked people’s search results and took them to
dangerous websites that could install malware onto their computer, steal
their personal information, or fraudulently charge businesses for online
advertisement clicks. It was taken down by Microsoft and Symantec, who
used a combined legal and technical action. On
January 31, Microsoft filed a lawsuit, supported by a declaration from
Symantec, against the botnet’s operators to stop all the communication
lines between the botnet and the malware-infected computers under its
control. The court granted Microsoft’s request and on February 6,
Microsoft was escorted by the U.S. Marshals Service to take evidence
from the web-hosting facilities in Virginia and New Jersey.
8. What is DNS?
Domain Name System (DNS): a large database of unique IP addresses that
correspond with domain names.
In essence, DNS is simply a database that links meaningful names (known
as host names), such as http://www.microsoft.com, to a specific IP address,
such as 192.168.124.1. Simply linking addresses to names is just the
beginning, though, because DNS has many more features in addition to
host-name-to-address mapping.
9. "DNS Cache Poisoning"
- DNS cache poisoning: An exploit in which the DNS database is changed in
such a way that a URL no longer connects to the correct Web site.
- DNS cache poisoning is also a tool of hackers who want to direct users to
sites infected with worms or keyloggers.
10. Shutting Down the Internet
Completely shutting down the Internet in the U.S.A. would require
someone with the ability to damage the infrastructure of all the
ISPs' (Internet Service Providers') major networks, which is virtually
impossible because there are too many paths into and out of the
country and too many independent providers who would have to be coerced
or damaged. It could possibly be done if multiple governments
coordinated to shut down all the ISPs at the same time.
The Internet is resilient and difficult to take down completely because it
is decentralized. There is no company or government that owns the
Internet. The Internet is not in a specific location but is spread out all
over the world.