Presentation is loading. Please wait.

Presentation is loading. Please wait.

Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu.

Published byMagnus Preston Modified over 9 years ago

Similar presentations

Presentation on theme: "Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu."— Presentation transcript:

1 Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu

2 Introduction What is a Denial of Service attack? Using up resources and / or bandwidth of a server in a malicious way to prevent legitimate users from accessing its services. What is a DDoS? A DoS attack carried out using a large number of compromised systems improving its potency and reducing traceability of the originator. Some common DoS methodologies SYN flood – exploits poor implementation of TCP in some OSs. Ping of Death – uses inherent weakness in IP fragmentation and reassembly Notorious DDoS attacks MyDoom Smurf attack

3 SYN Flood methodology

4 Ping of Death Maximum legal size of IP packets is 65535 bytes. Because of limitations in the physical layer, packets may have to be fragmented and then reassembled at the destination. A fragmented packet with the maximum offset and size greater than 7 bytes will cause the server to allocate a buffer of size > 65535 bytes.

5 Distributed DoS attacks Involves using some common DoS methodology, but the attack is carried out from a large number of machines IP spoofing is a common technique used in almost all forms of attack. Botnets consist of a large number of “zombie” machines controlled by a single user which can be used to carry out all sorts of attacks (including DDoS) Network and protocol implementation loopholes can also be used for launching such attacks

6 Distributed DoS attacks (contd.) © Copyright 2008, WSTA, All Rights Reserved.

7 Notorious Attacks Smurf attack: A simple C program which spoofs the targets IP address and sends a broadcast ECHO (ICMP) message. All machines receiving the broadcast message ping the target machine, causing a massive DoS. MyDoom: Fastest spreading email worm. On execution, opened a backdoor on the TCP 3127 port and could then be used to run DDoS attacks on specific domains. The affected domains were sco.com, microsoft.com, Google, AltaVista and Lycos

8 Techniques to mitigate Security Threats Access Lists NAT

9 Access Lists Introduction Purpose of Access Lists Need for Access Lists Definition List of conditions

10 Detecting DOS attacks How to determine if your system is under attack? Show CPU utilization Access-lists implementation

11 Commands (some examples) access−list 111 permit ip 172.16.0.0 0.0.255.255 any access−list 111 deny ip any any log Interface serial 0/1 ip access−group 111 out

12 Prevention of DOS attacks Cisco product ASA Will be demonstrated in the simulation

13 Attacks mitigated by ALs IP address spoofing DOS smurf attacks DOS sync attacks Filtering traceroute

14 Network Address Translation “Network Address Translation also known as IP Masquerading or NAT, is an Internet standard that enables translation of IP addresses used within one network to different IP addresses known within another network”

15 Need for NAT Shortage of IP addresses with protocol IPv4 -IP address is a unique 32 bit number -100 million of hosts & 350 million of users -NAT comes into picture requires only single IP address to represent a group of computers.

16 Types of NAT Basic NAT : Involves IP translation only - not port mapping PAT (Port Address Translation): Involves translation of both IP addresses & port numbers. a. SNAT : Translation of Source IP address & port number b. DNAT: Translation of Destination IP address & port number

17 NAT Configuration

18 NAT Security Capabilities Basic NAT acts as firewall between Internet & local Intranet, protects Intranet from Denial of service attack. NAT routers having advanced firewall implements stateful packet inspection which allows filtering of unnecessary data like IP spoofing, SYN flooding from your router. NAT router supporting port forwarding keeps unwanted traffic away from your local network.

19 References www.windowsecurity.com http://en.wikipedia.org Risk mitigation & threat management: compliance, security, and DDoS prevention : by Andreas M. Antonopoulos and Johna Till Johnson Risk mitigation & threat management: compliance, security, and DDoS prevention : by Andreas M. Antonopoulos and Johna Till Johnson http://computer.howstuffworks.com/nat.htm http://nislab.bu.edu/sc546/sc441Spring2003/NAT/index.htm http://en.wikipedia.org/wiki/Network_address_translation http://www.ipv6.com/articles/nat/NAT-In-Depth.htm

20

Download ppt "Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu."

Similar presentations

NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.

NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod5_L7 1 Implementing Secure Converged Wide Area Networks (ISCW)

© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod5_L7 1 Implementing Secure Converged Wide Area Networks (ISCW)
Denial of Service, Firewalls, and Intrusion Detection

Denial of Service, Firewalls, and Intrusion Detection
Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
Network-Based Denial of Service Attacks Trends, Descriptions, and How to Protect Your Network Craig A. Huegen Cisco Systems, Inc. NANOG 12 Interprovider.

Network-Based Denial of Service Attacks Trends, Descriptions, and How to Protect Your Network Craig A. Huegen Cisco Systems, Inc. NANOG 12 Interprovider.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.
DENIAL OF SERVICE ATTACK

DENIAL OF SERVICE ATTACK
Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.

Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.
Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,

Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.
1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.

1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.
Week 8-1 Week 8: Denial of Service (DoS) What is Denial of Service Attack? –Any attack that causes a system to be unavailability. This is a violation of.

Week 8-1 Week 8: Denial of Service (DoS) What is Denial of Service Attack? –Any attack that causes a system to be unavailability. This is a violation of.

Similar presentations

Ads by Google