types and DOS attack & basics of denial of service.pdf
jayaprasanna10
18 slides
Jul 23, 2024
DoS Attacks
Basics
OUTLINE
•What Is DoS and what is DoS Attack
•History
•Types of Attacks
•Main targets today
•How to Defend
•Prosecution
•Conclusion
WHAT IS “DOS ATTACK”
Denial-Of-Service Attack = DOS Attack is a malicious attempt by a
single person or a group of people to cause the victim, site or
node to deny service to its customers.
•DoS = when a single host attacks
•DDoS = when multiple hosts attack simultaneously
IDEA OF “DOS ATTACKS”
•Purpose is to shut down a site, not penetrate it.
•Purpose may be vandalism, extortion or social action
(including terrorism) (Sports betting sites often extorted)
•Modification of internal data, change of programs (Includes
defacement of web sites)
Denial of Service Attack
Typical Connection
HISTORY
Morris Worm (November 2, 1988)
•First DDoS attack to cripple large amounts of network
infrastructure
•Self-replicating, self-propagating.
•Exploited software commonality (monoculture)
1.Fingerd buffer overflow exploit
2.Sendmail root vulnerability
3.Weak passwords
HISTORY
Morris Worm effect
•Infected systems became “catatonic”
•Took roughly three days to come under control
•Ultimately infected 10% of Internet computers (6,000) and
cost $ million to clean up.
•Morris convicted under Computer Fraud and Abuse Act, three
years probation, fine of $10,000
TYPES OF DOS ATTACKS
•Penetration
•Eavesdropping
•Man-In-The-Middle
•Flooding
TYPES OF DOS ATTACKS
Penetration
•Attacker gets inside your machine
•Can take over machine and do whatever he wants
•Achieves entry via software flaw(s), stolen passwords
or insider access
TYPES OF DOS ATTACKS
Eavesdropping
•Attacker gains access to same network
•Listens to traffic going in and out of your machine
TYPES OF DOS ATTACKS
Man-in-the-Middle
•Attacker listens to output and controls output
•Can substitute messages in both directions
HOW TO DEFEND
•Firewalls - can effectively prevent users from launching simple
flooding type attacks from machines behind the firewall.
•Switches - Some switches provide automatic and/or system-wide
rate limiting, traffic shaping, delayed binding to detect
and remediate denial of service attacks
•Routers - If you add rules to take flow statistics out of the
router during the DoS attacks, they further slow down and
complicate the matter
•DDS based defense
•Clean pipes
•Nothing can be done to entirely prevent DOS
•Minimize the dangers
–Effective and Robust Design
–Bandwidth Limitations
–Keep Systems Patched
–Run the least amount of services
–Allow only necessary traffic
–Block IP addresses
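A sketch of the rate limiting and IP blocking listed above, as an added example that is not part of the original slides: a sliding-window counter over constructed (timestamp, source IP) events blocks a single flooding host (DoS) and raises an alert when many hosts, each under the per-host limit, together exceed the total limit (DDoS). The thresholds, function names and documentation-range addresses are assumptions chosen for illustration.

```python
from collections import Counter, deque

def sample_events():
    """Constructed (seconds, source IP) request log; addresses are documentation ranges."""
    events = [(k / 5, "198.51.100.7") for k in range(100)]          # one host, 5 req/s
    events += [(float(t), "192.0.2.10") for t in range(0, 50, 5)]   # ordinary client
    events += [(float(t), f"203.0.113.{i}")                         # 30 hosts, 1 req/s each
               for t in range(30, 40) for i in range(1, 31)]
    return sorted(events)

def analyze(events, window=10.0, per_src_limit=15, total_limit=100):
    """Return (blocked sources, alerts) for a time-ordered event list.

    The limits are illustrative assumptions, not recommended values.
    """
    recent = deque()      # admitted events still inside the window
    counts = Counter()    # per-source count inside the window
    blocked, alerts = set(), []
    flooding = False      # True while the aggregate limit is exceeded
    for ts, src in events:
        if src in blocked:
            continue      # dropped by the filter before reaching the service
        recent.append((ts, src))
        counts[src] += 1
        while recent[0][0] <= ts - window:   # expire events older than the window
            _, old = recent.popleft()
            counts[old] -= 1
        if counts[src] > per_src_limit:      # one host dominates: DoS, block it
            blocked.add(src)
            alerts.append((ts, "DoS", src))
        over = len(recent) > total_limit     # many hosts add up: DDoS
        if over and not flooding:            # alert once per flood episode
            sources = sum(1 for c in counts.values() if c > 0)
            alerts.append((ts, "DDoS", sources))
        flooding = over
    return blocked, alerts

if __name__ == "__main__":
    blocked, alerts = analyze(sample_events())
    print("blocked:", sorted(blocked))
    for alert in alerts:
        print(alert)
```

In the second alert no single address exceeds its own limit, so per-IP blocking alone does not stop the flood and the aggregate limit has to be enforced upstream.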