
Ethics of Distributed DoS

Ethics of Distributed DoS (Why TFN is Evil). March 2, 2000. Mintcho Petkov. Dartmouth College.


Presentation Transcript


  1. Ethics of Distributed DoS (Why TFN is Evil)
     - March 2, 2000
     - Mintcho Petkov
     - Dartmouth College

  2. Introduction
     - Timeline of Attacks
       - Feb 7 - Yahoo
       - Feb 8 - CNN, Buy.com, eBay, Amazon
       - Feb 9 - E-Trade, ZDNet
     - Investigation Uncovered
       - Distributed Denial of Service Attack (DDoS)
       - Tool used: Tribe Flood Network (TFN)
       - TFN created by the German hacker Mixter
     - Source: www.CNN.com

  3. Denial of Service Attacks
     - What is DoS?
       - Consume all resources. No resources left for others
       - Must be intentional.
     - Examples
       - Run a CPU-intensive program on tahoe without caring about the results
       - Allocate as much memory as possible (on a multi-user machine)
       - Flood a network address with meaningless traffic (commonly ICMP, UDP)
     - Distributed DoS
       - Denial of Service launched from several computers with automated coordination.

  4. Tribe Flood Network
     - [Diagram; labels: manual, automated, Target]

  5. Situation Analysis
     - Parties Involved
       - Creator of TFN (Mixter)
       - Attacker
       - Administrators of compromised machines (zombies)
       - Target
     - Issues
       - Responsibility of Zombie administrators
       - Mixter’s Responsibility
       - Overall Internet Insecurity

  6. Responsibility of Zombie Owners
     - If zombies were secure, no DDoS attack possible
       - Without a large number of high-bandwidth, low-security computers to be compromised, there is no attack.
     - Why were the zombies not secure?
       - Cost to society outweighs cost to individual
       - Conflict of interest (“I have nothing important on this machine, so why invest in security?”)
       - Not everybody is a security expert!

  7. Mixter’s Responsibility
     - Security Administrator Tool for Analyzing Networks (SATAN)
       - Automatically exposes system vulnerabilities
       - Legitimate and illegitimate uses
     - TFN and Capacity Management
       - Testing the maximum amount of traffic a server can handle
       - Distributed packet flooding tools help
       - Cracking random computers NOT part of Capacity Management
     - Mixter Shares the Blame
       - The tool can only be used for malicious purposes
     - Source: iss.net

  8. Overall Internet Insecurity
     - Noteworthy Incidents
       - NATO website successfully flooded during Yugoslav War
       - FBI website made inaccessible by a DoS attack (Feb 18, 2000)
       - 227 computers used in a DDoS attack against the University of Minnesota (August 17, 1999)
     - General Concerns about TFN
       - Automation
       - Encryption (list of compromised hosts encrypted)
       - Concealment Techniques (broadcast addressing)
       - Large existing networks of compromised machines
     - Sources: CNN.com, news.yahoo.com, iss.net

  9. Conclusions
     - References:
       - Computer Security - www.iss.net
       - News - CNN.com, news.yahoo.com
       - Mixter’s Website - www.mixter.org
       - Analysis of TFN - staff.washington.edu/dittrich/misc/tfn.analysis
       - Expert on TFN - cbrenton@sover.net (Chris Brenton)
     - To Summarize:
       - SATAN can be good
       - TFN is evil
       - People can be careless
       - The Internet is insecure
