DRUPALCON NASHVILLE 2018


DRUPAL CAMP NASHVILLE 2018
DDoS attack victim? Prevention is better than cure.

DDoS attack victim? Prevention is better than cure.
Sugandh Khanna, Srijan, INDIA
DrupalCon Nashville, March 2018

AGENDA
Distributed denial of service (DDoS) attack - THREAT to Drupal.
What is a distributed denial of service (DDoS) attack?
History of DDoS attacks
DDoS tool - LOIC
Live demonstration
Impacts of DDoS Attacks on Your Business
Drupal Optimization for DDoS

Have you ever experienced your website disappearing off the Internet? Or sudden heavy traffic that makes your website go down?

Well, hold your breath! You may have become the victim of a distributed denial of service (DDoS) attack.

A website company faced an issue: a site where bots continually hit the user/register and user/password pages. At its height the site was getting 20-50 bot hits a minute. It is a pain. If the company did not allow people to open accounts, the problem would not be significant.

What is a distributed denial of service (DDoS) attack?

What is a DoS attack?
For those who are not familiar with the term DoS (Denial of Service), this paragraph is for you: a DoS attack is an attack on a computer or network that reduces, restricts or prevents access to system resources for legitimate users. In simple terms, the attacker floods the victim system with malicious traffic to overload its resources. A DoS attack can do temporary or permanent damage to a website. It can also slow down network performance.

In simple words: bombarding an IP address with large amounts of traffic.

In a DDoS attack the principle is the same, but the malicious traffic is generated from multiple sources -- although orchestrated from one central point. The fact that the traffic sources are distributed -- often throughout the world -- makes a DDoS attack much harder to block than one originating from a single IP address.

You are not alone!

History of DDoS attacks
The first-ever DoS attack occurred in 1974, courtesy of David Dennis, a 13-year-old student.
One of the first large-scale DDoS attacks occurred in August 1999, when a hacker used a tool called “Trinoo” to disable the University of Minnesota’s computer network for more than two days.
2016 brought a long-feared DDoS threat to fruition: cyber-attacks were launched from multiple connected devices turned into botnets.
High-profile victims of DDoS attacks in 2015 included organizations as diverse as cloud hosting company Linode, games company Valve, Microsoft's Xbox Live network, the BBC, Rutgers University and even the Internet's DNS root servers.

DDoS attack tool: LOIC
Low Orbit Ion Cannon is an open source network stress testing and denial-of-service attack application, written in C#.

Impacts of DDoS Attacks on Your Business

Impacts of DDoS Attacks on Your Business
Revenue losses: Downtime affects your bottom line. Based on industry surveys, the average cost of downtime is $5,600/minute, or over $300K/hour.
Productivity loss: When critical network systems are shut down, your workforce’s productivity comes to a halt.

Impacts of DDoS Attacks on Your Business
Reputation damage: Your brand suffers if customers can’t access your site or become casualties of a data breach.
Theft: Attacks are becoming more advanced and now include stolen funds, customer data, and intellectual property.

What is the best way to protect a website from distributed denial-of-service attacks?

Drupal Optimization for DDoS attack

Drupal Optimization for DDoS
Make sure page caching is enabled; check the settings at admin/config/development/performance. An additional idea is to use a CDN such as Cloudflare (they have a free plan) that will serve whatever it can from cache without hitting your server.

Drupal Optimization for DDoS
Boost is good. Boost provides static page caching for Drupal, enabling a very significant performance and scalability boost for sites that receive mostly anonymous traffic. For shared hosting this is your best option in terms of improving performance. On dedicated servers, you may want to consider Varnish instead.

Drupal Optimization for DDoS
Honeypot is awesome. Honeypot uses both the honeypot and timestamp methods of deterring spam bots from completing forms on your Drupal site. These methods are effective against many spam bots, and are not as intrusive as CAPTCHAs or other methods which punish the user.

Drupal Optimization for DDoS
Ban the IP addresses the attacks are coming from.
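
One way to find the addresses worth banning, as an added example that is not part of the talk: scan a web server access log for clients hammering the user/register and user/password pages mentioned earlier. It assumes Combined Log Format; the per-client limit of 20 hits a minute is an assumption and the log lines are constructed.

```python
import re
from collections import Counter

# Account-form paths the talk reports bots hitting.
TARGETS = {"/user/register", "/user/password"}
# Combined Log Format: client, identity, user, [time], "METHOD path ..."
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[A-Z]+ (\S+)')

def ban_candidates(lines, per_minute_limit=20):
    """Return {ip: peak hits per minute} for clients over the limit on TARGETS."""
    buckets = Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # malformed line: skip rather than guess
        ip, stamp, path = m.groups()
        if path.split("?", 1)[0].rstrip("/") not in TARGETS:
            continue
        # "10/Mar/2018:14:02:31 +0000"[:17] is the minute the hit falls in.
        buckets[(ip, stamp[:17])] += 1
    peaks = {}
    for (ip, _minute), hits in buckets.items():
        if hits > per_minute_limit:
            peaks[ip] = max(peaks.get(ip, 0), hits)
    return peaks

def _hit(ip, minute, second, request):
    return (f'{ip} - - [10/Mar/2018:14:{minute:02d}:{second:02d} +0000] '
            f'"{request} HTTP/1.1" 200 512')

# Constructed sample log using documentation-range addresses, not real traffic.
SAMPLE_LOG = (
    [_hit("203.0.113.7", 2, s, "POST /user/register") for s in range(25)]
    + [_hit("203.0.113.7", 3, s, "POST /user/password") for s in range(5)]
    + [_hit("198.51.100.4", 2, 10, "GET /user/register"),
       _hit("198.51.100.4", 2, 40, "GET /node/1")]
)

if __name__ == "__main__":
    print(ban_candidates(SAMPLE_LOG))
```

Because DDoS sources are distributed, a list like this catches only the noisiest individual clients; it complements the caching and upstream measures on the other slides rather than replacing them.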

Drupal Optimization for DDoS
Bandwidth Oversubscription - This one is fairly straightforward. As you grow larger, your bandwidth costs drop. Generally large organizations will lease a significantly larger capacity than they need to account for growth and DDoS attacks. If an attacker is unable to muster enough traffic to overwhelm this, a volumetric attack is generally ineffective.

Drupal Optimization for DDoS
Automated Mitigation - Many tools will monitor netflow data from routers and other data sources to determine a baseline for traffic. If traffic patterns step out of these zones, DDoS mitigation tools can attract the traffic to them using BGP or other mechanisms and filter out noise. They then pass the clean traffic further into the network. These tools can generally detect both volumetric attacks, and more insidious attacks such as slowloris.
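
The baseline idea on this slide, reduced to a minimal detector as an added example (not taken from the talk or from any mitigation product). It assumes traffic has already been aggregated into per-minute counts from NetFlow or logs; the smoothing factor, multiplier and sample series are constructed for illustration.

```python
def detect_anomalies(counts, alpha=0.2, k=4.0, warmup=5):
    """Return indexes of intervals whose count exceeds baseline + k * deviation.

    The baseline is an exponentially weighted moving average; intervals that
    are flagged do not update it, so attack traffic cannot become the new normal.
    """
    mean = float(counts[0])
    dev = 0.0
    flagged = []
    for i, count in enumerate(counts[1:], start=1):
        # The floor of 10% of the mean stops a very flat baseline from
        # flagging ordinary noise.
        limit = mean + k * max(dev, 0.1 * mean)
        if i >= warmup and count > limit:
            flagged.append(i)
            continue  # keep the baseline frozen while traffic is out of range
        dev = (1 - alpha) * dev + alpha * abs(count - mean)
        mean = (1 - alpha) * mean + alpha * count
    return flagged

# Constructed requests-per-minute series: steady traffic, a three-minute
# flood, then a return to normal.
SAMPLE_COUNTS = [100, 104, 98, 101, 97, 103, 99, 102, 950, 1200, 1100, 105, 100]

if __name__ == "__main__":
    print(detect_anomalies(SAMPLE_COUNTS))
```

A volume baseline like this will not see low-rate attacks such as slowloris, which need a different signal, for example the number of long-lived open connections per client.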

Drupal Optimization for DDoS
Upstream Blackholing - There are ways to filter UDP traffic using router blackholing. I've seen situations where a business has no need to receive UDP traffic (i.e. NTP and DNS) to their infrastructure, so they have their transit providers blackhole all of this traffic. The largest volumetric attacks out there are generally reflected NTP or DNS amplification attacks.

Drupal Optimization for DDoS
Third Party Provider - Even many fairly large organizations fear that monster 300 Gbps attack. They often implement either a DNS-based redirect service or a BGP-based service to protect them in case they suffer a sustained attack. I would say CDN providers also fall under this umbrella, since they can help an organization stay online during an attack.

Drupal Optimization for DDoS
System Hardening - You can often configure both your operating system and your applications to be more resilient to application layer DDoS attacks. Measures ranging from ensuring enough inodes on your Linux server to configuring the right number of Apache worker threads can help make it harder for an attacker to take down your service.

DDoS - Prevention is better than cure. Any questions?