
Chapter 5 DoS & DDoS

Hoon Ko, hoon.ko@ujep.cz, Office# 460, Department of Informatics, J. E. Purkinje University.



  1. Chapter 5 DoS & DDoS • Hoon Ko, hoon.ko@ujep.cz, Office# 460, Department of Informatics, J. E. Purkinje University

  2. Learning Objectives • Denial-Of-Service (DoS) attacks • Distributed Denial-Of-Service (DDoS) attacks • How to protect

  3. DoS • Simple attack • Classic way: visit the target website and press 'F5' (refresh) continually. • An attempt to make a machine or network resource unavailable to its intended users. • Target resources: CPU, memory, network (e.g., mail bombs) • These are illegal.

  4. Any malicious act that causes a system to be unusable by its real user(s) • Take numerous forms • Are very common • Can be very costly • Major types • Ping of Death • SYN flooding • Boink, Bonk, Teardrop

  5. Land • Smurf, Fraggle • System Resource Exhaustion Attack

  6. New DoS in the smart age • In the smart age, there are many legal D(D)oS attacks around us. • Many emails from somewhere, e.g., shopping centers, shops, … • Many messages from someone, e.g., friends, family, unknown persons, … • Mom/Dad/wife/son/daughter: they are always/sometimes asking or ordering us to do things via smart devices. • Next?

  7. Ping of death attack • Creates an oversized ICMP packet. • To route the oversized ICMP packet, it has to be fragmented, which causes delays.

  8. ping -n 100 -l 65500 target_computer

  9. SYN Flooding attack • Exploits the TCP three-way handshake • Inhibits server’s ability to accept new TCP connections

  10. gcc -o synk synk.c • ./synk 0 target_computer 80 80 • tcpdump -i eth0 • netstat -an

  11. Boink, Bonk, Teardrop • Protocol reliability depends on the following: • packet ordering • packet loss • packet re-send requests • BBT attacks target these three issues to decrease protocol reliability.

  12. Teardrop attack • gcc -o newtear newtear.c • ./newtear 222.222.222.222 target_computer -t 80 -n 80

  13. netstat -an: the system is now under attack.

  14. Land attack • When it sends the packets, it sends them with the attacker's IP address. • But it defines the sender IP to be the same as the destination IP. • As a result, the packets cannot be forwarded outside.

  15. Smurf, Fraggle • Non-OS specific attack that uses the network to amplify its effect on the victim • Floods a host with ICMP • Saturates Internet connection with bogus traffic and delays/prevents legitimate traffic from reaching its destination

  16. System Resource Exhaustion Attacks • Available Disk Resource Exhaustion

  17. Available Memory Resource Exhaustion

  18. Available Process Resource Exhaustion

  19. Distributed Denial-of-Service Attacks • Use hundreds of hosts on the Internet to attack the victim by flooding its link to the Internet or depriving it of resources • Used by hackers to target government and business Internet sites • Automated tools; can be executed by script kiddies • Result in temporary loss of access to a given site and associated loss in revenue and prestige

  20. Conducting DDoS Attacks

  21. How to protect • Firewall • IDS • Secure network settings • System patches • Scanning • Set bandwidth for each service
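
The SYN flooding slides (9, 10 and 13) check the target with netstat -an. As an added example, not part of the original slides, the following Python code parses that output on the defended host and reports ports with a large backlog of half-open connections; the threshold of 30 and the sample lines (documentation addresses only) are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Half-open TCP states as printed by Linux (SYN_RECV) and Windows (SYN_RECEIVED).
HALF_OPEN = {"SYN_RECV", "SYN_RECEIVED"}

def half_open_by_port(netstat_text):
    """Return {local_port: (half_open_count, distinct_sources)} from `netstat -an` text."""
    counts, sources = Counter(), defaultdict(set)
    for line in netstat_text.splitlines():
        f = line.split()
        # Works for both layouts: the last three fields are local, foreign, state.
        if len(f) < 4 or not f[0].lower().startswith("tcp") or f[-1] not in HALF_OPEN:
            continue
        port = f[-3].rsplit(":", 1)[-1]          # text after the last ':' is the port
        counts[port] += 1
        sources[port].add(f[-2].rsplit(":", 1)[0])
    return {p: (n, len(sources[p])) for p, n in counts.items()}

def syn_flood_alerts(netstat_text, threshold=30):
    """Ports whose half-open backlog meets the (assumed) alert threshold."""
    stats = half_open_by_port(netstat_text)
    return sorted(p for p, (n, _) in stats.items() if n >= threshold)

# Constructed sample: 40 half-open connections to port 80 from 40 different
# sources, plus two retries from one client on port 22 (normal background noise).
SAMPLE = "\n".join(
    ["Proto Recv-Q Send-Q Local Address Foreign Address State",
     "tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN",
     "tcp 0 0 192.0.2.10:80 198.51.100.7:40112 ESTABLISHED",
     "tcp 0 0 192.0.2.10:22 198.51.100.9:50001 SYN_RECV",
     "tcp 0 0 192.0.2.10:22 198.51.100.9:50002 SYN_RECV"]
    + [f"tcp 0 0 192.0.2.10:80 203.0.113.{i}:{1024 + i} SYN_RECV" for i in range(1, 41)]
)

if __name__ == "__main__":
    for port, (n, srcs) in sorted(half_open_by_port(SAMPLE).items()):
        print(f"port {port}: {n} half-open from {srcs} sources")
    print("alert:", syn_flood_alerts(SAMPLE))
```

Many half-open entries on one port from many distinct sources is the pattern to watch for; a handful from a single source is usually an ordinary retry.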
