DDoS Attacks And Their Progression - PowerPoint PPT Presentation

Slides: 19
Provided by: Buck4
Transcript and Presenter's Notes

1
DDoS Attacks And Their Progression
  • Group 9
  • Ben Dumford
  • Travis Nauman
  • Doug Showell

2
Denial of Service Attacks
  • What is a Denial of Service Attack?
  • The goal is to disrupt some legitimate activity.
  • Means of a DoS Attack
  • Consume Resources
  • - Resources include Bandwidth, CPU time, etc.
  • Malformed Packets
  • Disrupt Physical Network

3
What is a DDoS attack?
  • Distributed denial-of-service attack
  • Attempt to make a computer resource unavailable,
    usually by flooding the target with internet
    traffic from many different sources
  • Compromised zombie systems

4
IRC Bot Net
  • Internet Relay Chat bot network
  • Hundreds or even thousands of IRC bots installed on
    host computers all over the internet
  • Execute commands from the attacker

5
Zombie Botnets
  • Virus, worm, or trojan gets installed on host
    systems through various methods. These PCs
    become agents of a DDoS attack known as zombies.
  • DDoS tools
  • Trinoo
  • TFN, TFN2k
  • Stacheldraht
  • MyDoom

6
DRDoS Attack
  • Distributed reflected denial of service attack
  • Send requests to a large number of computers
    using spoofed source IP address
  • Only considered a DDoS attack if many hosts send
    out signals to many subnets

7
Unintentional DDoS Attack
  • Usually caused by a sudden spike in popularity
  • Slashdot effect or Digg effect

8
Packet Flooding
  • Most DDoS schemes involve the consumption of
    bandwidth or network resources via packet
    flooding.
  • ICMP Packets
  • UDP Packets
  • TCP Packets
  • TCP SYN Packets
  • Multiple Packet Attacks
  • Latest DNS Look-ups

9
How to Tell If You Are Under Attack
  • Unusually slow network performance
  • Unavailability of a particular website
  • Inability to access any website
  • Dramatic increase in the amount of spam you
    receive in your email account.
  • Source: U.S. Computer Emergency Readiness Team,
    part of the Department of Homeland Security

10
Defense Against Becoming a Zombie
  • Unfortunately, defending against DDoS attacks is
    not dependent on the security of your own network
    but of the whole internet.
  • Antivirus Software
  • Firewalls (Zombies hate fire!)
  • Egress Filtering
  • IDS
  • Strong E-mail Policy and Spam Blockers

11
Defense Against Flooding
  • System Monitoring to Detect Attacks/Analyze
    Packets
  • Packet Filtering
  • Rate Limiting
  • Delayed Binding
  • Get to Know Your ISP
  • - Blackhole Filtering
  • Plan in Advance
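
The monitoring and rate-limiting items on this slide, as an added example that is not part of the original presentation: a per-source token bucket drops excess SYNs from one noisy host, while a count of unfinished handshakes per target catches a flood spread over many sources that each stay under the limit. The packet records, addresses (documentation ranges), thresholds and the simplified SYN/ACK tracking are assumptions made for illustration.

```python
from collections import defaultdict

class TokenBucket:
    """Per-source rate limit: `rate` packets/second, bursts up to `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), None

    def allow(self, now):
        if self.last is not None:  # refill for the time elapsed since the last packet
            self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

def analyze(packets, rate=1, burst=3, half_open_alert=5):
    """Return (SYNs dropped per source, targets with too many half-open handshakes)."""
    buckets = defaultdict(lambda: TokenBucket(rate, burst))
    dropped = defaultdict(int)
    pending = defaultdict(set)         # target -> sources with a SYN but no ACK yet
    for ts, src, dst, flag in packets:
        if flag == "SYN":
            if not buckets[src].allow(ts):
                dropped[src] += 1      # rate limiting: this SYN is filtered
                continue
            pending[dst].add(src)
        elif flag == "ACK":            # simplification: ACK = handshake completed
            pending[dst].discard(src)
    alerts = {d: len(s) for d, s in pending.items() if len(s) >= half_open_alert}
    return dict(dropped), alerts

def distributed_syns(target="198.51.100.5"):
    """Constructed sample: 8 sources, one SYN each, none completes the handshake."""
    return [(3.0 + i * 0.01, f"203.0.113.{100 + i}", target, "SYN") for i in range(8)]

def sample_packets(target="198.51.100.5"):
    """Constructed sample: one normal client, one noisy source, then the 8 above."""
    pkts = [(0.0, "192.0.2.10", target, "SYN"), (0.1, "192.0.2.10", target, "ACK")]
    pkts += [(1.0 + i * 0.1, "203.0.113.9", target, "SYN") for i in range(10)]
    return pkts + distributed_syns(target)

if __name__ == "__main__":
    print(analyze(sample_packets()))
    print(analyze(distributed_syns()))   # nothing dropped, alert still raised
```

The second call shows why per-source rate limiting alone does not stop a distributed flood: no source exceeds its budget, yet the target still accumulates half-open connections.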

12
DDoS Attacks
  • Some History
  • First DDoS attacks were mainly directed toward
    disrupting IRC servers.
  • Timeline
  • 1996
  • SYN flood
  • Worked with minimum bandwidth

13
DDoS Attacks
  • 1997
  • Vulnerability in Microsoft Windows TCP/IP Stack
  • Tools were teardrop, boink, bonk
  • Smurf Attack
  • Bounce packets off misconfigured network
  • Lagging
  • Just sending a lot of packets

14
DDoS Attacks
  • 1998 - 99
  • Targa
  • Multiple attacks in one tool
  • Attackers would work together to bring down
    systems
  • Big increase in ability to attack computer
    systems this year.

15
DDoS Attacks
  • 2000
  • Many huge sites are taken down
  • Big losses in profit.
  • 2001
  • DNS Attacks
  • Microsoft

16
DDoS Attacks
  • 2002
  • Root DNS servers are attacked
  • No serious damage because of the length of the
    attack.
  • 2003 - 2004
  • Attacking smaller sites and even some extortion
    attempts.
  • Bot networks

17
DDoS Attacks
  • Current
  • Hackers beginning to attack Linux/Unix machines
  • Many web servers are based on those operating
    systems
  • Web servers have a lot of bandwidth and having
    control of the server would mean a lot of attack
    power
  • Spam Screensavers
  • Attacks spammers

18
Conclusion
  • Stopping DDoS attacks depends on the whole
    internet community. Protect your machine from
    malware that could be used in these attacks.
  • Security against DDoS is an ongoing race between
    hackers and security experts.