
Denial of Service & Session Hijacking

- Rendering a system unusable to those who deserve it
- Consume bandwidth or disk space
- Overwhelming amount of spam
- Perform account lockout of valid users
- Considered an unsophisticated attack
- BOTs (zombies) and BOTnets
  - “Botnet of 1,000 bots has larger bandwidth than the Internet connection of most corporate networks.”
- Oct 20, 2002: 9 of 13 DNS Root servers disabled for 1 hour
- DoS Tools
  - Ping of Death: packets are too large for reassembly
  - Ping Flood: too many pings to handle the traffic
  - Land attack: source IP matches target IP

- Use master/slave configuration
  - Phase 1: intrusion: infect systems to be zombies
  - Phase 2: attack: trigger slaves to attack
- DDoS Tools
  - Trinoo, Tribal Flood Network (TFN), TFN2K, Stacheldraht
- Controlling Bots
  - Usually done by IRC connections due to unencrypted and long connection times

- Smurf attack: send many ICMP Echo (ping) requests to a broadcast IP address with the spoofed source address of the victim
- Fraggle attack: use large amounts of UDP traffic instead of ICMP
- Preventing Smurf and Fraggle Attacks
- Teardrop attack: send overlapping or over-sized payloads to the target machine
- SYN Flood: flood victim with TCP connection requests and then don’t finish the 3-way handshake

- SYN Cookies: don’t allocate resources until the 3-way handshake is complete
- RST Cookies: victim responds with an incorrect SYN-ACK so the attacker has to respond with a notice of error
- Micro Blocks: allocate smaller memory space for the connection record
- Stack Tweaking: modify the TCP/IP stack
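The SYN cookie idea above, as an added example that is not part of the original slides: the server packs a time slot, an MSS index and a keyed hash of the connection into its own initial sequence number, and rebuilds the state only when a valid final ACK returns. The bit layout, the secret, the MSS table and the sample addresses are assumptions for illustration, not any particular kernel's implementation.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"      # assumption: random per-server secret
MSS_TABLE = [536, 1300, 1440, 1460]   # assumption: MSS values the 3-bit index can name
SLOT = 64                             # seconds per time slot

def _mac24(src, sport, dst, dport, client_isn, slot, mss_idx):
    """24-bit keyed hash binding the cookie to the connection and time slot."""
    msg = f"{src}|{sport}|{dst}|{dport}|{client_isn}|{slot}|{mss_idx}".encode()
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")

def make_cookie(src, sport, dst, dport, client_isn, mss, now):
    """Server ISN for the SYN-ACK. Nothing about the connection is stored."""
    slot = now // SLOT
    # Largest table entry not above the client's MSS (index 0 if none fits).
    mss_idx = max((i for i, m in enumerate(MSS_TABLE) if m <= mss), default=0)
    mac = _mac24(src, sport, dst, dport, client_isn, slot, mss_idx)
    # 5 bits of time slot | 3 bits of MSS index | 24 bits of keyed hash
    return ((slot & 0x1F) << 27) | (mss_idx << 24) | mac

def check_ack(src, sport, dst, dport, client_isn, ack, now):
    """Validate the handshake's final ACK. Returns the MSS, or None if invalid."""
    cookie = (ack - 1) & 0xFFFFFFFF          # client acknowledges server ISN + 1
    mss_idx = (cookie >> 24) & 0x7
    if mss_idx >= len(MSS_TABLE):
        return None
    for slot in (now // SLOT, now // SLOT - 1):   # current or previous slot only
        if (slot & 0x1F) != cookie >> 27:
            continue
        mac = _mac24(src, sport, dst, dport, client_isn, slot, mss_idx)
        if hmac.compare_digest(mac.to_bytes(3, "big"),
                               (cookie & 0xFFFFFF).to_bytes(3, "big")):
            # Only at this point would the server allocate a connection record.
            return MSS_TABLE[mss_idx]
    return None
```

A spoofed SYN never produces a valid final ACK, so a flood of them costs the server one hash per packet and no memory.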

- Send ICMP echo packets of more than the 65,536 bytes allowed by the IP protocol
- Causes system to freeze, crash, or reboot
- Operating systems after 1997 are patched to prevent this

- Network-Ingress filter
- Rate-Limiting network Traffic (traffic shaping)
- Intrusion Detection Systems
- Automated Network-Tracing Tools
- Host & Network Auditing Tools
- DoS Scanning Tools
  - SARA (Security Auditor’s Research Assistant)
  - RID
  - Zombie Zapper
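The decisions a network-ingress filter makes against the attacks named in these slides, as an added example that is not part of the original presentation: it drops Land packets, packets with a spoofed source address, and directed broadcasts (the amplifier for Smurf and Fraggle). The customer prefix, the direction labels and the sample packets are constructed assumptions.

```python
import ipaddress

# Assumption: the prefix served by the customer-facing interface (constructed).
CUSTOMER_NET = ipaddress.ip_network("192.0.2.0/24")

def ingress_verdict(pkt, direction):
    """Return (action, reason) for a packet dict with 'src' and 'dst'.

    direction is 'from_customer' (leaving the customer network) or
    'to_customer' (arriving from outside).
    """
    src = ipaddress.ip_address(pkt["src"])
    dst = ipaddress.ip_address(pkt["dst"])

    # Land attack: source IP matches target IP.
    if src == dst:
        return ("drop", "land: source equals destination")

    if direction == "from_customer":
        # Spoofed sources (as used by Smurf and Fraggle) must not leave.
        if src not in CUSTOMER_NET:
            return ("drop", "spoofed source: outside customer prefix")
    elif direction == "to_customer":
        # A packet from outside cannot legitimately carry an inside source.
        if src in CUSTOMER_NET:
            return ("drop", "spoofed source: inside prefix seen from outside")
        # Directed broadcast turns every host on the subnet into a responder.
        if dst in (CUSTOMER_NET.broadcast_address, CUSTOMER_NET.network_address):
            return ("drop", "directed broadcast: Smurf/Fraggle amplifier")
    else:
        return ("drop", "unknown direction")

    return ("accept", "ok")

# Constructed sample traffic.
SAMPLES = [
    ({"src": "192.0.2.10", "dst": "198.51.100.5"}, "from_customer"),
    ({"src": "203.0.113.9", "dst": "198.51.100.5"}, "from_customer"),
    ({"src": "198.51.100.5", "dst": "192.0.2.255"}, "to_customer"),
    ({"src": "192.0.2.10", "dst": "192.0.2.10"}, "to_customer"),
]

def run_samples():
    return [ingress_verdict(p, d) for p, d in SAMPLES]
```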

- Hacker gains control of authenticated session
- Made possible by sequence number projecting
  - SN range from 1 to 4,294,967,295
  - Incremented by 128,000 / second + 64,000 for each connection

- Methods of hijacking
  - Session fixation: attacker sets user’s session to one known to him (I set your session ID to one I know)
  - Session sidejacking: attacker sniffs traffic to steal the session cookie
  - Cross-site scripting: attacker tricks user’s computer to run code that captures the session cookie
- Active vs Passive Hijacking
  - Active: attacker takes over the session
  - Passive: attacker watches/records all traffic (sniffing)
- Relies on Sequence Prediction
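Session fixation as described above, shown as an added example that is not part of the original slides: a toy session store that keeps the same session ID across login, beside a hardened mode that issues a fresh ID at login so an ID known beforehand stops resolving to the user. The class, method names and the user "alice" are hypothetical.

```python
import secrets

class SessionStore:
    """Toy in-memory session store (hypothetical, for illustration only)."""

    def __init__(self, rotate_on_login):
        self.rotate_on_login = rotate_on_login
        self.sessions = {}                 # session id -> user name or None

    def visit(self, presented_sid=None):
        """Anonymous request: reuse a known id, otherwise issue a new one."""
        if presented_sid in self.sessions:
            return presented_sid
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = None
        return sid

    def login(self, sid, user):
        """Authenticate the session; the hardened mode replaces the id."""
        if self.rotate_on_login:
            self.sessions.pop(sid, None)       # the pre-login id dies here
            sid = secrets.token_urlsafe(32)    # fresh id, unknown to anyone else
        self.sessions[sid] = user
        return sid

    def whoami(self, sid):
        return self.sessions.get(sid)

def fixation_outcome(store):
    """Replay the scenario; return which user the pre-set id resolves to."""
    known_sid = store.visit()               # id that a third party also knows
    victim_sid = store.visit(known_sid)     # user arrives carrying that id
    new_sid = store.login(victim_sid, "alice")
    assert store.whoami(new_sid) == "alice" # the user is logged in either way
    return store.whoami(known_sid)

def compare_modes():
    return {
        "keeps_id_on_login": fixation_outcome(SessionStore(rotate_on_login=False)),
        "rotates_id_on_login": fixation_outcome(SessionStore(rotate_on_login=True)),
    }
```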

- Tools
  - Hunt
- Dangers of hijacking
  - Easy to perform
  - Few countermeasures
  - Information gathering is successful
- Preventing hijacking
  - Encryption: IPSec, SSH, HTTPS, VPNs
  - Minimize remote access
  - Strong Authentication
  - Educated users
  - Variety of usernames and passwords