SlideShare une entreprise Scribd logo

Denial of services : limiting the threat

Télécharger en tant que PPT, PDF
SensePost
SensePost

Presentation by Charl van der Walt at INFO SEC Africa 2001. The presentation begins with a case study of a DoS attack launched on a number of high profile sites by the canadian teen "Mafiaboy". An explanation of DoS and DDoS given. The impact of DDoS in South Africa is also discussed. The presentation ends with a series of discussions on DDoS countermeasures.

Technologie
1  sur  45
Denial of Service: Limiting the Threat
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],AGENDA
Hi! All about me.
Introduction ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],discussion, truthfully conducted, must lead to public advantage: the discussion stimulates curiosity, and curiosity stimulates invention - Charles Tomlinson - Rudimentary Treatise on the Construction of Locks - 1850
Ooh! Die bang-maak goed
February Fun
February Fun ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
February Fun - the aftermath ,[object Object],[object Object]
Future Imperfect - predictions 2001 Peter G. Neumann SRI International We are likely to see some organized, possibly collaborative, attacks that do some real damage, perhaps to our critical infrastructures, perhaps to our financial systems, perhaps to government systems all of which have significant vulnerabilities.
Future Imperfect - predictions 2001 Bruce Moulton Fidelity Investments Hactivism and other cyber attacks emanating from countries with weak or non-existent legal sanctions and investigative capabilities will escalate. This is likely to be the root of at least one headline-grabbing cyber incident (much bigger than DDOS or LoveBug) that will send a loud wake-up call to the commercial sector.
Future Imperfect - predictions 2001 Marcus H. Sachs US Department of Defense 2001 will also see continued development of distributed denial of service attack networks. These attack networks will no longer rely on manual establishment by the attacker, but will automatically establish themselves through the use of mobile code and html scripting.
The Nuts & Bolts Stuff
Understanding the ‘Net
[object Object],Understanding DoS „ The real requirement is not quick recovery but the absence of outages“ „ We talk today of 'Internet Time'; the Internet does not allow for delays“ Steven J. Ross, Information Systems Control, March 2000
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Why do DoS?
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],How DoS works
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Classical DoS examples
DoS using Amplifiers - SMURF check: www.netscan.org
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Revisiting SYN floods
New Kid on the block - DDoS
Profile of a typical attack ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Building an attack network ,[object Object],[object Object]
Common DDoS tools ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Common DDoS tools ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The challenge of DDoS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Boom! Assesing the impact
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],What me worry?!
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],RSADDoS (in the motherland)
Whoah Cowboy! icsa.net, February 2000: „ The Internet has now taken a drastic "hit" to its reliability and integrity due to the recent DDoS attacks. It is only through the cooperation and unification of all Internet users that we will find the solution-and stop DDoS from taking the Internet out from under our commerce, education, communities, and individuals.“ But has it really been all that bad?
Pow! Fighting back
DoS defense strategies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Ingress Filtering ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Egress Filtering ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Planning for disaster ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
DDoS - Defending yourself ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Protecting web servers from DoS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Responding to a DoS attack ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Getting Greasy
Configuration Examples - CISCO ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Interesting other stuff
Things to consider ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Other possible tricks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],DoS the SA way
THE BOTTOM LINE ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
questions?

Recommandé

Denail of Service
Denail of ServiceDenail of Service
Denail of ServiceRamasubbu .P
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackKaustubh Padwad
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Gaurav Sharma
 
An introduction to denial of service attack
An introduction to denial of service attackAn introduction to denial of service attack
An introduction to denial of service attackMohammad Reza Mousavinasr
 
Network seurity
Network seurityNetwork seurity
Network seurityNaqash Rasheed
 
Assingement on dos ddos
Assingement on dos ddosAssingement on dos ddos
Assingement on dos ddoskalyan kumar
 
Module 9 Dos
Module 9 DosModule 9 Dos
Module 9 Dosleminhvuong
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacksHaltdos
 

Recommandé

Denail of Service
Denail of ServiceDenail of Service
Denail of ServiceRamasubbu .P
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackKaustubh Padwad
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Gaurav Sharma
 
An introduction to denial of service attack
An introduction to denial of service attackAn introduction to denial of service attack
An introduction to denial of service attackMohammad Reza Mousavinasr
 
Network seurity
Network seurityNetwork seurity
Network seurityNaqash Rasheed
 
Assingement on dos ddos
Assingement on dos ddosAssingement on dos ddos
Assingement on dos ddoskalyan kumar
 
Module 9 Dos
Module 9 DosModule 9 Dos
Module 9 Dosleminhvuong
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacksHaltdos
 
DoS Attack - Incident Handling
DoS Attack - Incident HandlingDoS Attack - Incident Handling
DoS Attack - Incident HandlingMarcelo Silva
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackAhmed Ghazey
 
Denial of service
Denial of serviceDenial of service
Denial of servicegarishma bhatia
 
DDoS Attacks and Countermeasures
DDoS Attacks and CountermeasuresDDoS Attacks and Countermeasures
DDoS Attacks and Countermeasuresthaidn
 
Denial of Service Attack
Denial of Service AttackDenial of Service Attack
Denial of Service AttackDhrumil Panchal
 
Dos n d dos
Dos n d dosDos n d dos
Dos n d dossadhana21297
 
Network Security
Network SecurityNetwork Security
Network SecurityDURYODHAN MAHAPATRA
 
DDOS Attack
DDOS Attack DDOS Attack
DDOS Attack Ahmed Salama
 
DDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceDDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceEr. Shiva K. Shrestha
 
Destributed denial of service attack ppt
Destributed denial of service attack pptDestributed denial of service attack ppt
Destributed denial of service attack pptOECLIB Odisha Electronics Control Library
 
An introduction to denial of service attacks
An introduction to denial of service attacksAn introduction to denial of service attacks
An introduction to denial of service attacksRollingsherman
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtDDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtNitin Bisht
 
Denial Of Service Attack
Denial Of Service AttackDenial Of Service Attack
Denial Of Service AttackVishnuvardhan Reddy
 
Network Security fundamentals
Network Security fundamentalsNetwork Security fundamentals
Network Security fundamentalsTariq kanher
 
Ddos
DdosDdos
Ddosuniversity of Gujrat, pakistan
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningeSAT Publishing House
 
DDos
DDosDDos
DDosrohit verma
 
Network security
Network securityNetwork security
Network security-jyothish kumar sirigidi
 
Denial of Service Attack Project
Denial of Service Attack ProjectDenial of Service Attack Project
Denial of Service Attack ProjectNadim Ebadi
 
DNS Security, is it enough?
DNS Security, is it enough? DNS Security, is it enough?
DNS Security, is it enough? Zscaler
 
Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Jisc
 
Bab 01 complete
Bab 01 completeBab 01 complete
Bab 01 completeNorhisham Mohamad Nordin
 

Contenu connexe

Tendances

DoS Attack - Incident Handling
DoS Attack - Incident HandlingDoS Attack - Incident Handling
DoS Attack - Incident HandlingMarcelo Silva
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackAhmed Ghazey
 
DDoS Attacks and Countermeasures
DDoS Attacks and CountermeasuresDDoS Attacks and Countermeasures
DDoS Attacks and Countermeasuresthaidn
 
Denial of Service Attack
Denial of Service AttackDenial of Service Attack
Denial of Service AttackDhrumil Panchal
 
DDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceDDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceEr. Shiva K. Shrestha
 
An introduction to denial of service attacks
An introduction to denial of service attacksAn introduction to denial of service attacks
An introduction to denial of service attacksRollingsherman
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtDDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtNitin Bisht
 
Network Security fundamentals
Network Security fundamentalsNetwork Security fundamentals
Network Security fundamentalsTariq kanher
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningeSAT Publishing House
 
Denial of Service Attack Project
Denial of Service Attack ProjectDenial of Service Attack Project
Denial of Service Attack ProjectNadim Ebadi
 
DNS Security, is it enough?
DNS Security, is it enough? DNS Security, is it enough?
DNS Security, is it enough? Zscaler
 

Tendances (20)

DoS Attack - Incident Handling
DoS Attack - Incident HandlingDoS Attack - Incident Handling
DoS Attack - Incident Handling
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 
Denial of service
Denial of serviceDenial of service
Denial of service
 
DDoS Attacks and Countermeasures
DDoS Attacks and CountermeasuresDDoS Attacks and Countermeasures
DDoS Attacks and Countermeasures
 
Denial of Service Attack
Denial of Service AttackDenial of Service Attack
Denial of Service Attack
 
Dos n d dos
Dos n d dosDos n d dos
Dos n d dos
 
Network Security
Network SecurityNetwork Security
Network Security
 
DDOS Attack
DDOS Attack DDOS Attack
DDOS Attack
 
DDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceDDoS - Distributed Denial of Service
DDoS - Distributed Denial of Service
 
Destributed denial of service attack ppt
Destributed denial of service attack pptDestributed denial of service attack ppt
Destributed denial of service attack ppt
 
An introduction to denial of service attacks
An introduction to denial of service attacksAn introduction to denial of service attacks
An introduction to denial of service attacks
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtDDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin Bisht
 
Denial Of Service Attack
Denial Of Service AttackDenial Of Service Attack
Denial Of Service Attack
 
Network Security fundamentals
Network Security fundamentalsNetwork Security fundamentals
Network Security fundamentals
 
Ddos
DdosDdos
Ddos
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learning
 
DDos
DDosDDos
DDos
 
Network security
Network securityNetwork security
Network security
 
Denial of Service Attack Project
Denial of Service Attack ProjectDenial of Service Attack Project
Denial of Service Attack Project
 
DNS Security, is it enough?
DNS Security, is it enough? DNS Security, is it enough?
DNS Security, is it enough?
 

En vedette

Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Jisc
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service AttacksHansa Nidushan
 
How to launch and defend against a DDoS
How to launch and defend against a DDoSHow to launch and defend against a DDoS
How to launch and defend against a DDoSjgrahamc
 
Packet sniffing in switched LANs
Packet sniffing in switched LANsPacket sniffing in switched LANs
Packet sniffing in switched LANsIshraq Al Fataftah
 
(SEC306) Defending Against DDoS Attacks
(SEC306) Defending Against DDoS Attacks(SEC306) Defending Against DDoS Attacks
(SEC306) Defending Against DDoS AttacksAmazon Web Services
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
10 DDoS Mitigation Techniques
10 DDoS Mitigation Techniques10 DDoS Mitigation Techniques
10 DDoS Mitigation TechniquesIntruGuard
 

En vedette (10)

Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44
 
Bab 01 complete
Bab 01 completeBab 01 complete
Bab 01 complete
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
 
How to launch and defend against a DDoS
How to launch and defend against a DDoSHow to launch and defend against a DDoS
How to launch and defend against a DDoS
 
Packet sniffing in switched LANs
Packet sniffing in switched LANsPacket sniffing in switched LANs
Packet sniffing in switched LANs
 
(SEC306) Defending Against DDoS Attacks
(SEC306) Defending Against DDoS Attacks(SEC306) Defending Against DDoS Attacks
(SEC306) Defending Against DDoS Attacks
 
DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS Attacks
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 
Denial of Service Attacks
Denial of Service AttacksDenial of Service Attacks
Denial of Service Attacks
 
10 DDoS Mitigation Techniques
10 DDoS Mitigation Techniques10 DDoS Mitigation Techniques
10 DDoS Mitigation Techniques
 

Similaire à Denial of services : limiting the threat

Fortinet_FortiDDoS_Introduction
Fortinet_FortiDDoS_IntroductionFortinet_FortiDDoS_Introduction
Fortinet_FortiDDoS_Introductionswang2010
 
DrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoSDrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoSSuzanne Aldrich
 
Event - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersEvent - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersSomyos U.
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer AttacksArun Modi
 
PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks
PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks
PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks PROIDEA
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacksSaptha Wanniarachchi
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...Imperva Incapsula
 
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docxDoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docxmadlynplamondon
 
Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attackmarada0033
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threatsKishore Kumar
 
Using the Web or another research tool, search for alternative means.pdf
Using the Web or another research tool, search for alternative means.pdfUsing the Web or another research tool, search for alternative means.pdf
Using the Web or another research tool, search for alternative means.pdffms12345
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksInformation Technology
 
Attacks on the cyber world
Attacks on the cyber worldAttacks on the cyber world
Attacks on the cyber worldNikhil Tripathi
 
DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16Radware
 

Similaire à Denial of services : limiting the threat (20)

DDOS (1).ppt
DDOS (1).pptDDOS (1).ppt
DDOS (1).ppt
 
Fortinet_FortiDDoS_Introduction
Fortinet_FortiDDoS_IntroductionFortinet_FortiDDoS_Introduction
Fortinet_FortiDDoS_Introduction
 
DrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoSDrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoS
 
Event - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersEvent - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security Perimeters
 
Ddos
DdosDdos
Ddos
 
basic knowhow hacking
basic knowhow hackingbasic knowhow hacking
basic knowhow hacking
 
DoS/DDoS
DoS/DDoSDoS/DDoS
DoS/DDoS
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer Attacks
 
PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks
PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks
PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacks
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
 
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docxDoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
 
Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attack
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threats
 
Using the Web or another research tool, search for alternative means.pdf
Using the Web or another research tool, search for alternative means.pdfUsing the Web or another research tool, search for alternative means.pdf
Using the Web or another research tool, search for alternative means.pdf
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
 
Attacks on the cyber world
Attacks on the cyber worldAttacks on the cyber world
Attacks on the cyber world
 
DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018
 

Plus de SensePost

objection - runtime mobile exploration
objection - runtime mobile explorationobjection - runtime mobile exploration
objection - runtime mobile explorationSensePost
 
Vulnerabilities in TN3270 based Application
Vulnerabilities in TN3270 based ApplicationVulnerabilities in TN3270 based Application
Vulnerabilities in TN3270 based ApplicationSensePost
 
Ruler and Liniaal @ Troopers 17
Ruler and Liniaal @ Troopers 17Ruler and Liniaal @ Troopers 17
Ruler and Liniaal @ Troopers 17SensePost
 
Introducing (DET) the Data Exfiltration Toolkit
Introducing (DET) the Data Exfiltration ToolkitIntroducing (DET) the Data Exfiltration Toolkit
Introducing (DET) the Data Exfiltration ToolkitSensePost
 
ZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksSensePost
 
Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22SensePost
 
Heartbleed Overview
Heartbleed OverviewHeartbleed Overview
Heartbleed OverviewSensePost
 
Botconf 2013 - DNS-based Botnet C2 Server Detection
Botconf 2013 - DNS-based Botnet C2 Server DetectionBotconf 2013 - DNS-based Botnet C2 Server Detection
Botconf 2013 - DNS-based Botnet C2 Server DetectionSensePost
 
Rat a-tat-tat
Rat a-tat-tatRat a-tat-tat
Rat a-tat-tatSensePost
 
Hacking Z-Wave Home Automation Systems
Hacking Z-Wave Home Automation SystemsHacking Z-Wave Home Automation Systems
Hacking Z-Wave Home Automation SystemsSensePost
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented DefenceSensePost
 
Threats to machine clouds
Threats to machine cloudsThreats to machine clouds
Threats to machine cloudsSensePost
 
Inside .NET Smart Card Operating System
Inside .NET Smart Card Operating SystemInside .NET Smart Card Operating System
Inside .NET Smart Card Operating SystemSensePost
 
SNMP : Simple Network Mediated (Cisco) Pwnage
SNMP : Simple Network Mediated (Cisco) PwnageSNMP : Simple Network Mediated (Cisco) Pwnage
SNMP : Simple Network Mediated (Cisco) PwnageSensePost
 
Its Ok To Get Hacked
Its Ok To Get HackedIts Ok To Get Hacked
Its Ok To Get HackedSensePost
 
Web Application Hacking
Web Application HackingWeb Application Hacking
Web Application HackingSensePost
 
Putting the tea back into cyber terrorism
Putting the tea back into cyber terrorismPutting the tea back into cyber terrorism
Putting the tea back into cyber terrorismSensePost
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summarySensePost
 
Attacks and Defences
Attacks and DefencesAttacks and Defences
Attacks and DefencesSensePost
 
Corporate Threat Modeling v2
Corporate Threat Modeling v2Corporate Threat Modeling v2
Corporate Threat Modeling v2SensePost
 

Plus de SensePost (20)

objection - runtime mobile exploration
objection - runtime mobile explorationobjection - runtime mobile exploration
objection - runtime mobile exploration
 
Vulnerabilities in TN3270 based Application
Vulnerabilities in TN3270 based ApplicationVulnerabilities in TN3270 based Application
Vulnerabilities in TN3270 based Application
 
Ruler and Liniaal @ Troopers 17
Ruler and Liniaal @ Troopers 17Ruler and Liniaal @ Troopers 17
Ruler and Liniaal @ Troopers 17
 
Introducing (DET) the Data Exfiltration Toolkit
Introducing (DET) the Data Exfiltration ToolkitIntroducing (DET) the Data Exfiltration Toolkit
Introducing (DET) the Data Exfiltration Toolkit
 
ZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana Attacks
 
Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22
 
Heartbleed Overview
Heartbleed OverviewHeartbleed Overview
Heartbleed Overview
 
Botconf 2013 - DNS-based Botnet C2 Server Detection
Botconf 2013 - DNS-based Botnet C2 Server DetectionBotconf 2013 - DNS-based Botnet C2 Server Detection
Botconf 2013 - DNS-based Botnet C2 Server Detection
 
Rat a-tat-tat
Rat a-tat-tatRat a-tat-tat
Rat a-tat-tat
 
Hacking Z-Wave Home Automation Systems
Hacking Z-Wave Home Automation SystemsHacking Z-Wave Home Automation Systems
Hacking Z-Wave Home Automation Systems
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented Defence
 
Threats to machine clouds
Threats to machine cloudsThreats to machine clouds
Threats to machine clouds
 
Inside .NET Smart Card Operating System
Inside .NET Smart Card Operating SystemInside .NET Smart Card Operating System
Inside .NET Smart Card Operating System
 
SNMP : Simple Network Mediated (Cisco) Pwnage
SNMP : Simple Network Mediated (Cisco) PwnageSNMP : Simple Network Mediated (Cisco) Pwnage
SNMP : Simple Network Mediated (Cisco) Pwnage
 
Its Ok To Get Hacked
Its Ok To Get HackedIts Ok To Get Hacked
Its Ok To Get Hacked
 
Web Application Hacking
Web Application HackingWeb Application Hacking
Web Application Hacking
 
Putting the tea back into cyber terrorism
Putting the tea back into cyber terrorismPutting the tea back into cyber terrorism
Putting the tea back into cyber terrorism
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summary
 
Attacks and Defences
Attacks and DefencesAttacks and Defences
Attacks and Defences
 
Corporate Threat Modeling v2
Corporate Threat Modeling v2Corporate Threat Modeling v2
Corporate Threat Modeling v2
 

Dernier

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 

Dernier (20)

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 

Denial of services : limiting the threat

  • 1. Denial of Service: Limiting the Threat
  • 2.
  • 4.
  • 7.
  • 8.
  • 9. Future Imperfect - predictions 2001 Peter G. Neumann SRI International We are likely to see some organized, possibly collaborative, attacks that do some real damage, perhaps to our critical infrastructures, perhaps to our financial systems, perhaps to government systems all of which have significant vulnerabilities.
  • 10. Future Imperfect - predictions 2001 Bruce Moulton Fidelity Investments Hactivism and other cyber attacks emanating from countries with weak or non-existent legal sanctions and investigative capabilities will escalate. This is likely to be the root of at least one headline-grabbing cyber incident (much bigger than DDOS or LoveBug) that will send a loud wake-up call to the commercial sector.
  • 11. Future Imperfect - predictions 2001 Marcus H. Sachs US Department of Defense 2001 will also see continued development of distributed denial of service attack networks. These attack networks will no longer rely on manual establishment by the attacker, but will automatically establish themselves through the use of mobile code and html scripting.
  • 12. The Nuts & Bolts Stuff
  • 14.
  • 15.
  • 16.
  • 17.
  • 18. DoS using Amplifiers - SMURF check: www.netscan.org
  • 19.
  • 20. New Kid on the block - DDoS
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 27.
  • 28.
  • 29. Whoah Cowboy! icsa.net, February 2000: „ The Internet has now taken a drastic "hit" to its reliability and integrity due to the recent DDoS attacks. It is only through the cooperation and unification of all Internet users that we will find the solution-and stop DDoS from taking the Internet out from under our commerce, education, communities, and individuals.“ But has it really been all that bad?
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 39.
  • 41.
  • 42.
  • 43.
  • 44.

Notes de l'éditeur

  1. Comment on our background and the kind of work we do - technology focused
  2. Comment on our background and the kind of work we do - technology focused
  3. Comment on actual statistics Give URL as source ** Refer to John Tullet’s talk earlier...
  4. Comment on actual statistics Give URL as source ** Refer to John Tullet’s talk earlier...
  5. Comment on actual statistics Give URL as source ** Refer to John Tullet’s talk earlier...
  6. Comment on actual statistics Give URL as source ** Refer to John Tullet’s talk earlier...
  7. Comment on actual statistics Give URL as source ** Refer to John Tullet’s talk earlier...
  8. Comment on actual statistics Give URL as source ** Refer to John Tullet’s talk earlier...