Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wikileaks, Anonymous, and The Jester

Published byKerry Holt Modified over 6 years ago

Similar presentations

Presentation on theme: "Wikileaks, Anonymous, and The Jester"— Presentation transcript:

1 Wikileaks, Anonymous, and The Jester
The DoS Crisis Wikileaks, Anonymous, and The Jester

2 Animated Summary

3 Characters

4 Wikileaks Published <1000 US Gov't diplomatic cables from a leak of 250,000 Distributed an encrypted "Insurance" file by BitTorrent Widely assumed to contain the complete, uncensored leaked data Encrypted with AES-256--no one is ever getting in there without the key Key to be released if Assange is jailed or killed, but he is in a UK prison now and the key has not been released

5 Th3j35t3r "Hacktivist for Good" Claims to be ex-military
Performs DoS attacks on Jihadist sites Brings them down for brief periods, such as 30 minutes Announces his attacks on Twitter, discusses them on a blog and live on irc.2600.net

6 Operation Payback 4chan's Anonymous group
Attacked Scientology websites in 2008 Attacked the RIAA and other copyright defenders Using the Low Orbit Ion Cannon with HiveMind "Opt-in Botnet"

7 Distributed Denial of Service

8 Companies that Refused Service to Wikileaks
Amazon Paypal Mastercard Visa Many others

9 Low Orbit Ion Cannon Primitive DDoS Attack, controlled via IRC
Sends thousands of packets per second from the attacker directly to the target Like throwing a brick through a window Takes thousands of participants to bring down a large site They tried but failed to bring down Amazon

10 Low Orbit Ion Cannon

11 Operation Payback v. Mastercard
Brought down Visa, Mastercard, and many other sites Attack is illegal and obvious Easily tracked, and easily blocked Dutch police have already arrested two participants

12 Mastercard Outage 3,000 to 30,000 attackers working together

13 Layer 7 Denial of Service

14 Jester's Tweets

15 Th3j35t3r v. Wikileaks He brought down Wikileaks single- handed for more than a day I was chatting with him in IRC while he did it, and he proved it was him by briefly pausing the attack

16 Wikileaks Outage One attacker, no botnet

17 XerXes Th3j35t3r's DoS Tool Uses incomplete Layer 7 requests
Similar to the SlowLoris attack Can bring down a server with very little traffic--as little as one packet per second Can be routed through proxies like Tor to hide the attacker's origin Doesn't cause collateral damage to other network devices

18 Layer 7 DoS Subtle, concealable attack Low bandwidth
Can be very difficult to distinguish from normal traffic Only requires one attacker, with no special hardware

19 Defending Websites

20 Attack > Defense Right now, your website is only up because
Not even one person hates you, or All the people that hate you are ignorant about network security

21 Defense Mod Security--free open-source defense tool
May not be much use against Layer 7 DoS Akamai has good defense solutions Caching DNS Redirection Javascript second-request trick

22 Counterattacks Reflecting attacks back to the command & control server
Effective against dumb attackers like Anonymous Will lose effect if they ever learn about Layer 7 DoS

23 References

24 References How Secure Is Julian Assange's "Thermonuclear" Insurance File? Overview of Anonymous and their attack on MasterCard: Operation Payback Toolkit: LOIC and HiveMind

25 References: Layer 7 DoS Attack Tools
SlowLoris: The OWASP DoS test tool OWASP_HTTP_Post_Tool

26 References: Defense ModSecurity http://goo.gl/56hbl Akamai DDoS Report
MichaelSmith_DDoS.pdf

27 References: Outage Charts
‘Tis the Season of DDoS – WikiLeaks Edition

Download ppt "Wikileaks, Anonymous, and The Jester"

Similar presentations

Ethical Hacking: New Web 2.0 Attacks and Defenses HI-TEC 2011.

Ethical Hacking: New Web 2.0 Attacks and Defenses HI-TEC 2011.
HiveMind Distributed File Storage Using JavaScript Botnets Copyright 2013 Sean T. Malone.

HiveMind Distributed File Storage Using JavaScript Botnets Copyright 2013 Sean T. Malone.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Flash Crowds And Denial of Service Attacks: Characterization and Implications for CDNs and Web Sites Aaron Beach Cs395 network security.

Flash Crowds And Denial of Service Attacks: Characterization and Implications for CDNs and Web Sites Aaron Beach Cs395 network security.
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
1 쉽게 접근하자 DoS! Sookmyung Women’s Univ. 최서윤. 2 The DoS?! Sockstress DoS using LOIC Link Local DoS.

1 쉽게 접근하자 DoS! Sookmyung Women’s Univ. 최서윤. 2 The DoS?! Sockstress DoS using LOIC Link Local DoS.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,

Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,
BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.

BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.
Capacity Development Workshop on Public Information Management System and Policy in Korea on cyber attacks 2011.11.28 Jeong Min, Lee KISA.

Capacity Development Workshop on Public Information Management System and Policy in Korea on cyber attacks Jeong Min, Lee KISA.
PROJECT IN COMPUTER SECURITY MONITORING BOTNETS FROM WITHIN FINAL PRESENTATION – SPRING 2012 Students: Shir Degani, Yuval Degani Supervisor: Amichai Shulman.

PROJECT IN COMPUTER SECURITY MONITORING BOTNETS FROM WITHIN FINAL PRESENTATION – SPRING 2012 Students: Shir Degani, Yuval Degani Supervisor: Amichai Shulman.
Special Anatomy of an Attack Or Layered Security Failure.

Special Anatomy of an Attack Or Layered Security Failure.
1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.

1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.
Anonymous By Kendra Kennedy, Benjamin Fleshman, and Hassan Alsuleiman.

Anonymous By Kendra Kennedy, Benjamin Fleshman, and Hassan Alsuleiman.
1 The SpaceWire Internet Tunnel and the Advantages It Provides For Spacecraft Integration Stuart Mills, Steve Parkes Space Technology Centre University.

1 The SpaceWire Internet Tunnel and the Advantages It Provides For Spacecraft Integration Stuart Mills, Steve Parkes Space Technology Centre University.

Similar presentations

Ads by Google