Denial of Service Attacks
Clayton Sullivan
Overview
• Denial of Service Attack History
• What is a Denial of Service Attack?
• Modes of Attack
• Performing a Denial of Service Attack
• Distributed Denial of Service
• Detection and Prevention
History
• First major attacks start to appear in 2001.
• Major companies as well as major governments have been hit:
  • Twitter, Facebook, Google, Amazon, Wal-Mart, Pirate Bay, Irish Government, Iranian Government, Georgian Government
What is a Denial of Service Attack?
• It is an attempt to make a computer resource unavailable to its intended users.
• Reasons may vary, but the goal is to prevent an internet site or service from functioning efficiently.
• Typical Connection
• Denial of Service Attack
Attacks
• Basic Attack Types
  • Consumption of computational resources
    • Bandwidth, disk space, processor time
  • Disruption of configuration information
    • Routing information
  • Disruption of state information
    • Resetting of TCP sessions
  • Disruption of physical network components
  • Obstructing the communication media between the intended users and the victim
Performing a Denial of Service Attack
• An attacker sends several authentication messages to a server at once.
• These authentication messages have fake return addresses, so the server cannot find the user to give authentication approval.
• The server then waits to close the connection, and when it does, the attacker can send a new batch of fake requests.
• This process is repeated over and over, tying up the service indefinitely.
Distributed Denial of Service
• In a distributed denial of service attack, the attacker takes over machines on the internet and uses them to perform a denial of service attack.
• The machines are used to generate the traffic necessary to bring down the resource.
Prevention and Detection
• Denial of service attacks can lead to significant loss of time and resources.
• Being able to detect and then prevent denial of service attacks can prevent this loss of time and resources.
• There are both hardware and software solutions for detection and prevention.
Prevention and Detection
• A filter can be implemented that sniffs packet information, looks for suspicious patterns, and denies access if one is found.
• Intrusion Prevention Systems
• Firewalls, Switches, Routers
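An added example (not from the original slides) of the filter idea above: it tracks requests that were never answered, as in the attack described earlier, denies a source that has too many of them, and raises an alarm when the total across all sources is high, which is the pattern that fake return addresses produce. The class name, thresholds, event format and sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

class HalfOpenFilter:
    """Tracks requests that have not been answered within `timeout` seconds."""
    def __init__(self, timeout=30.0, per_source_limit=3, total_limit=8):
        self.timeout = timeout                    # how long the server waits before closing
        self.per_source_limit = per_source_limit  # unanswered requests allowed per source
        self.total_limit = total_limit            # unanswered requests tolerated overall
        self.pending = defaultdict(deque)         # source -> timestamps of unanswered requests

    def _expire(self, now):
        # Forget requests the server has already timed out and closed.
        for src in list(self.pending):
            q = self.pending[src]
            while q and now - q[0] >= self.timeout:
                q.popleft()
            if not q:
                del self.pending[src]

    def total_pending(self):
        return sum(len(q) for q in self.pending.values())

    def observe(self, ts, src, kind):
        """Return 'allow', 'deny' (source blocked) or 'alarm' (global pattern seen)."""
        self._expire(ts)
        if kind == "reply":                       # the source completed the exchange
            q = self.pending.get(src)
            if q:
                q.popleft()
                if not q:
                    del self.pending[src]
            return "allow"
        if len(self.pending.get(src, ())) >= self.per_source_limit:
            return "deny"                         # one source holding too many open requests
        self.pending[src].append(ts)
        # Many unanswered requests spread over many sources suggests fake return addresses.
        return "alarm" if self.total_pending() > self.total_limit else "allow"

def sample_events():
    # Constructed sample data; addresses come from the reserved documentation ranges.
    events = [(0.0, "192.0.2.10", "request"), (0.1, "192.0.2.10", "reply")]
    events += [(1.0 + i * 0.1, f"198.51.100.{i}", "request") for i in range(10)]
    events += [(3.0 + i * 0.1, "203.0.113.5", "request") for i in range(5)]
    events += [(40.0, "192.0.2.11", "request")]   # arrives after the backlog has expired
    return events

def run(events):
    f = HalfOpenFilter()
    return [f.observe(ts, src, kind) for ts, src, kind in events]
```

On the sample data the per-source limit never triggers for the ten distinct addresses; only the total count of unanswered requests exposes that batch, while the single repeating source is denied outright.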
Conclusion
• History
• Denial of Service Attack
• Distributed Denial of Service Attack
• Prevention and Detection