
Denial of Service A comparison of DoS schemes Kevin LaMantia COSC 316.


1 Denial of Service A comparison of DoS schemes Kevin LaMantia COSC 316

2 Introduction
What DoS is
Symptoms of an attack
Methods of attack
Types of Attacks
How to defend
Conclusion

3 What is a Denial of Service attack?
An attack on a network that is designed to bring the network to its knees by flooding it with useless traffic
Two general forms of attacks:
1. Those that crash services
2. Those that flood services

4 Symptoms of a DoS Attack
United States Computer Emergency Readiness Team (US-CERT) lists possible symptoms of a DoS attack:
▫ Unusually slow network performance
▫ Unavailability of a particular web site
▫ Inability to access any web site
▫ Dramatic increase in the number of spam emails received (email bomb)
▫ Disconnection of a wireless internet connection
DoS attacks can also lead to problems in the network branches around the actual computer being attacked
▫ Ex: The bandwidth of a router between the Internet and a LAN may be consumed by an attack, compromising not only the intended computer, but also the entire network or other computers on the LAN
Attacks can be very large and compromise Internet connectivity for an entire geographical region

5 Methods of Attack
A DoS attack can be perpetrated in a number of ways. The five basic ways are:
1. Consumption of computational resources, such as bandwidth, memory, disk space, or processor time
2. Disruption of configuration information, such as routing information
3. Disruption of state information, such as unsolicited resetting of TCP sessions
4. Disruption of physical network components
5. Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately

6 Methods of Attack Continued…
A DoS attack may include execution of malware intended to:
▫ Max out the processor’s usage, preventing any work from occurring
▫ Trigger errors in the microcode of the machine
▫ Trigger errors in the sequencing of instructions, so as to force the computer into an unstable state or lock-up
▫ Exploit errors in the OS, causing resource starvation
▫ Crash the OS itself


8 Smurf Attack
An attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim’s spoofed source IP are broadcast to a computer network using an IP broadcast address
Most devices on a network will respond, by default, to the source IP address
▫ If there are a lot of machines on a network, it will cause the victim’s computer to be flooded with traffic

9 Ping of Death
A type of attack on a computer that involves sending a malformed or otherwise malicious ping to a computer
How it works:
▫ Historically many computer systems couldn’t handle a ping packet, normally 56 bytes, larger than the maximum IPv4 packet size of 65,535 bytes
▫ This would cause the system to crash
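The size limit on this slide can be enforced before reassembly. The check below is an added example, not part of the original presentation: it parses an IPv4 header and tests whether a fragment's data would end past 65,535 bytes, which is how an oversized ping reaches a host (as fragments whose offset plus length overflow the limit). The function names and the constructed headers are assumptions made for illustration.

```python
import struct

MAX_IPV4 = 65535  # largest datagram the 16-bit Total Length field can describe

def reassembled_end(header: bytes) -> int:
    """Byte position at which this fragment's data ends in the reassembled datagram."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_off = struct.unpack("!BBHHH", header[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4              # header length in bytes
    if ihl < 20 or total_len < ihl:
        raise ValueError("inconsistent header and total length")
    offset = (flags_off & 0x1FFF) * 8       # fragment offset is counted in 8-byte units
    return ihl + offset + (total_len - ihl)

def is_oversized(header: bytes) -> bool:
    """True if accepting this fragment would make the datagram exceed 65,535 bytes."""
    return reassembled_end(header) > MAX_IPV4

def make_header(total_len: int, frag_offset_units: int) -> bytes:
    """Constructed test input: a 20-byte IPv4 header carrying ICMP (protocol 1)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 1, frag_offset_units,
                       64, 1, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 10]))

if __name__ == "__main__":
    normal = make_header(20 + 8 + 56, 0)    # ordinary ping: 56 data bytes + ICMP header
    bad = make_header(20 + 100, 8189)       # final fragment placed near the 64 KiB limit
    print(reassembled_end(normal), is_oversized(normal))
    print(reassembled_end(bad), is_oversized(bad))
```

A reassembly routine that runs this check on every fragment can drop the datagram instead of copying past the end of its buffer.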

10 Ping Flood
Based on sending the victim an overwhelming number of ping packets, usually using the “ping” command from Unix-like hosts
It is much less capable of overwhelming a target if the attack comes from a Windows system
▫ Does not allow packet sizes greater than 65500
Primary requirement to launch this attack
▫ Having a greater bandwidth than the victim

11 Nuke
An old DoS attack that consisted of fragmented or invalid ICMP packets sent to a target
Achieved by using a modified ping utility to repeatedly send this corrupt data
Slowed down the affected computer until it came to a complete stop
Example:
▫ WinNuke
  ▫ Exploited a vulnerability in the NetBIOS handler in Windows 95
  ▫ Locked up the victim’s computer, causing a Blue Screen of Death

12 SYN Flood
An attack that sends a succession of SYN (synchronize) requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic
How it works:
▫ It corrupts the TCP three-way handshake
▫ The attacker either does not answer the server’s SYN-ACK with the expected ACK, or spoofs the source IP address in the SYN so that the server sends the SYN-ACK to a false IP address
▫ Causes the server to wait for the acknowledgement for some time
▫ Causes congestion by using up resources until no new connections can be made
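The half-open handshakes described on this slide are what a defender can count. The sketch below is an added example, not part of the original presentation: it replays a constructed list of TCP events seen at a server, tracks which SYNs never received the completing ACK, and flags listeners whose half-open count approaches an assumed backlog size. The event format, the backlog of 128, the 30-second timeout and all addresses (documentation ranges) are assumptions.

```python
from collections import Counter

def build_sample():
    """Constructed capture: (time_s, src, sport, dst, dport, flags) seen by the server."""
    server = ("192.0.2.10", 443)
    events = []
    # Three legitimate clients complete the handshake: SYN, then the final ACK.
    for i in range(3):
        client = (f"203.0.113.{i + 1}", 40000 + i)
        events.append((1.0 + i, *client, *server, "S"))
        events.append((1.1 + i, *client, *server, "A"))
    # 200 SYNs from distinct (spoofed) sources that never send the final ACK.
    for i in range(200):
        events.append((5.0 + i * 0.01, f"198.51.100.{i + 1}", 50000 + i, *server, "S"))
    return events

def half_open(events, now, timeout=30.0):
    """Count, per listener, handshakes that have a SYN but no completing ACK."""
    pending = {}  # (src, sport, dst, dport) -> time the first SYN arrived
    for ts, src, sport, dst, dport, flags in sorted(events):
        key = (src, sport, dst, dport)
        if flags == "S":
            pending.setdefault(key, ts)      # a retransmitted SYN keeps the first time
        elif flags in ("A", "R"):
            pending.pop(key, None)           # handshake completed or was reset
    counts = Counter()
    for (_src, _sport, dst, dport), ts in pending.items():
        if now - ts <= timeout:              # older entries have timed out on the server
            counts[(dst, dport)] += 1
    return counts

def flooded_listeners(events, now, backlog=128, ratio=0.8):
    """Listeners whose half-open count is at least `ratio` of the assumed backlog."""
    return {l: n for l, n in half_open(events, now).items() if n >= backlog * ratio}

if __name__ == "__main__":
    print(flooded_listeners(build_sample(), now=10.0))
```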

13 Distributed DoS (DDoS)
Occurs when multiple systems flood the bandwidth or resources of a targeted system
▫ i.e., Botnet
Using multiple machines makes it harder to track and shut down the attacker
▫ Merely purchasing more bandwidth won’t always work for defense since the attacker might be able to add more attack machines
A system may be compromised with a trojan, allowing the attacker to download a zombie agent, or the trojan may contain one

14 Distributed DoS continued…
These collections of system compromisers are known as botnets
Script kiddies use these to deny the availability of well known websites to legitimate users
More sophisticated attackers could use DDoS for the purposes of extortion
Video:
▫ http://www.youtube.com/watch?v=0VutW15kEZM

15 How to Defend
Unfortunately, there are no effective ways to prevent being the victim of a DoS or DDoS attack
There are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers
▫ Install and maintain anti-virus software
▫ Install a firewall, and configure it to restrict traffic coming into and leaving your computer
▫ Follow good security practices for distributing your email address. Applying email filters may help you manage unwanted traffic

16 Conclusion
What DoS is
The Symptoms of an attack
Methods of Attack
Different Types of Attacks
How to Defend from Attacks

17 Questions?

18 Works Cited
Google Ideas. (2013). Understanding Distributed Denial of Service Attacks. Retrieved from Youtube.com: http://www.youtube.com/watch?v=0VutW15kEZM
McDowell, M. (n.d.). Understanding Denial-of-Service Attacks. Retrieved from US-CERT.gov: http://www.us-cert.gov/ncas/tips/ST04-015
Webopedia. (n.d.). DoS attack. Retrieved from webopedia.com: http://www.webopedia.com/TERM/D/DoS_attack.html
Wikipedia. (n.d.). Denial of Service. Retrieved from Wikipedia: http://en.wikipedia.org/wiki/Denial-of-service_attack#Methods_of_attack

