130 likes | 299 Views
A short introduction to DoS. Denial of Service Datakom Ht08 Jesper Christensen, Patrick Johansson, Robert Kajic. Introduction Examples Some known incidents Types of attacks DoS – Denial of Service DDoS – Distributed Denial of Service Flavours PDoS - Permanent Denial of Service
E N D
A short introduction to DoS Denial of Service Datakom Ht08 Jesper Christensen, Patrick Johansson, Robert Kajic
Introduction • Examples • Some known incidents • Types of attacks • DoS – Denial of Service • DDoS – Distributed Denial of Service • Flavours • PDoS - Permanent Denial of Service • DRDoS(?) - Distributed Reflected Denial of Service • Unintentional • Prevention • Being prepared • Network infrastructure
Introduction • A ”denial-of-service” or DoS attack is a security threat in which an attacker attempts to deny users from using a service by rendering some network, host or another piece of infrastructure unusable • Typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even DNS root server
Examples • Some examples of DoS attacks are: • ”Flooding” of a network which prevents legitimate network traffic • Disruption of connections between two machines in order to prevent access to a service • Preventing some individual from accessing a service • Disruption of a service to a specific system or person
”Flooding” of a network which prevents legitimate network traffic
Disruption of connections between two machines in order to prevent access to a service
Some known incidents • DDoS attacks against the DNS Root servers • DNS Root servers are responsible for redirecting requests for a particular top domain to that top domains authorative dns servers. I.e. break them and you break the internet. • There have been two major DoS attacks against the root servers • 2002, 9 of 13 servers • 2007, 3 of 13 servers • More recent attacks • Digg.com - social networking site • September 2008, 6 hours downtime • Polisen.se • 1-2 of June 2006 the Swedish police website was subject to an attack originating from multiple countries, probably as a response to the raid on The Pirate Bay. • Simple attack, started out by many people linking to / downloading a picture from the site.
Types of attacks • DoS • Consumption of scarce, limited, or non-renewable resources • Destruction or alteration of configuration information • Ex. • Smurf attack – relies on misconfigured network devices that allow packets to be sent to all computer hosts on a particular network via the broadcast address of the network, rather than a specific machine. By spoofing the source adress the broadcast replies will flood the holder of the fake source address. • Ping flood - sends overwhelming number of ping packets. • SYN flood - sends a flood of TCP/SYN packets, often with a forged sender address.
Types of attacks • DDoS - Distributed Denial of Service • Multiple systems participate in a DoS attack
Types of attacks • Flavors • PDoS - Permanent Denial of Service • Permanently damaging hardware • Not many known examples • DRDoS – Distributed Reflected Denial of Service • Internet protocol spoofing • Unintentional ”attacks” • Slashdot effect • Utube.com sued Youtube.com
Preventing DoS attacks • Being prepared • Secure individual hosts • Minimize number of running services • Setup disk quotas • Make backups • Etc. • Backup Systems • Backup Connections • Network infrastructure • Firewalls • Routers/Switches • IPS – Intrusion Prevention System