Presentation is loading. Please wait.

Presentation is loading. Please wait.

BCP-38 demo Alan Barrett Geert Jan de Groot & cast of thousands.

Published byRudolf Grant Modified over 9 years ago

Similar presentations

Presentation on theme: "BCP-38 demo Alan Barrett Geert Jan de Groot & cast of thousands."— Presentation transcript:

1 BCP-38 demo Alan Barrett Geert Jan de Groot & cast of thousands

2 Agenda BCP-38 DNS DDOS demo Build spoofed packet traffic generator –“be the bad-behaving customer” Configure the network to filter –“be the responsible ISP”

3 Basic network ClientDNS DNS request DNS response

4 Network diagram R PC Row A R PC Row B R PC Row C R PC Row J …. DNSVICTIM

5 Step 1: install and run software Download packet spoofing software Configure Run More details on next pages

6 1(a): Download packet spoofing software cd $HOME mkdir spoofing-demo; cd spoofing-demo ftp 196.200.222.1 –login as “anonymous” –cd /pub/e2/bcp38 –binary –mget * (enter “a” to get all files)

7 1(b): Configure From your PC, ping the IP address of your router: ping -c 1 ip.ad.re.ss Find out and write down the MAC address of your router: arp -an Edit spoof_script and change: –TABLE_ROW –ROUTER_MAC

8 1(c): Run the spoofer chmod 755 spoof_script tcpreplay Start the generator (as root):./spoof_script

9 Step 2: Observe spoofed packets and responses Instructors use “tcpdump” to capture traffic on backbone. Observe the spoofed packets, and responses to them.

10 Step 3: Enable unicast reverse-path filtering (URPF) Login to router Configure interface fastEthernet0/0 ip verify unicast reverse-path For all destinations that are routed outwards through this interface, incoming traffic in the opposite direction is allowed.

11 Step 4: See that it worked Observe that the tcpdump display stops showing spoofed packets show ip interface fastEthernet0/0 –Near the end, see “verification drops”

12 URPF variant for multi-homed customer ! access-list 42 will permit the routes ! that would otherwise fail the test ! (e.g. downlink through a different ISP) ip access-list 42 permit 192.0.2.0 0.0.0.255 interface fastEthernet0/0 ip verify unicast reverse-path 42

13 Another variant: Filtering using access-group ! access-list 123 permits all packets ! from the customer ip access-list 123 permit ip 192.0.2.0 0.0.0.255 0.0.0.0 255.255.255.255 interface fastEthernet0/0 ip access-group 123 in This is less efficient and more difficult to configure

Download ppt "BCP-38 demo Alan Barrett Geert Jan de Groot & cast of thousands."

Similar presentations

DMZ (De-Militarized Zone)

DMZ (De-Militarized Zone)
06-Sep-2006Copyright (C) 2006 Internet Initiative Japan Inc.1 Prevent DoS using IP source address spoofing MATSUZAKI ‘maz’ Yoshinobu.

06-Sep-2006Copyright (C) 2006 Internet Initiative Japan Inc.1 Prevent DoS using IP source address spoofing MATSUZAKI ‘maz’ Yoshinobu.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Access Control Lists Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Access Control Lists Routing & Switching.
Static Routing Exercise. What will the exercise involve?  Unix network interface configuration  Cisco network interface configuration  Static routes.

Static Routing Exercise. What will the exercise involve?  Unix network interface configuration  Cisco network interface configuration  Static routes.
Basic IP Traffic Management with Access Lists

Basic IP Traffic Management with Access Lists
Cisco 3 - Switch Perrine. J Page 15/8/2015 Chapter 8 What happens to the member ports of a VLAN when the VLAN is deleted? 1.They become inactive. 2.They.

Cisco 3 - Switch Perrine. J Page 15/8/2015 Chapter 8 What happens to the member ports of a VLAN when the VLAN is deleted? 1.They become inactive. 2.They.
Chapter 13: Troubleshooting network connectivity Unit objectives Identify TCP/IP troubleshooting tools Discuss the Telnet utility and its functions Discuss.

Chapter 13: Troubleshooting network connectivity Unit objectives Identify TCP/IP troubleshooting tools Discuss the Telnet utility and its functions Discuss.
Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.

Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.
Network Analyzer Example

Network Analyzer Example
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—5-1 Implementing Path Control Assessing Path Control Network Performance Issues.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—5-1 Implementing Path Control Assessing Path Control Network Performance Issues.
CPIT 470 Lab 2 Lab Instructor: Aisha Ehsan.

CPIT 470 Lab 2 Lab Instructor: Aisha Ehsan.
Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.
CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control 172.16.3.0172.16.4.0 Non-172.16.0.0 e0e1 s0 172.16.4.13 server.

CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control Non e0e1 s server.
Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:

Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:
PacNOG 6: Nadi, Fiji Dealing with DDoS Attacks Hervey Allen Network Startup Resource Center.

PacNOG 6: Nadi, Fiji Dealing with DDoS Attacks Hervey Allen Network Startup Resource Center.
Module 1: Reviewing the Suite of TCP/IP Protocols.

Module 1: Reviewing the Suite of TCP/IP Protocols.
CISCO NETWORKING ACADEMY Chabot College ELEC 99.08 Access Control Lists - Introduction.

CISCO NETWORKING ACADEMY Chabot College ELEC Access Control Lists - Introduction.
4 September 2015 RE Meyers, Ms.Ed., CCAI CCENT 640-822 ICND1 Exam Topics Review Describe the Operation of Data Networks: Network Diagrams and Data Paths.

4 September 2015 RE Meyers, Ms.Ed., CCAI CCENT ICND1 Exam Topics Review Describe the Operation of Data Networks: Network Diagrams and Data Paths.
LTEC 4560 Summer 2012 Justin Kappel Networking Components.

LTEC 4560 Summer 2012 Justin Kappel Networking Components.
Managing Network connections. Network Cabling Ethernet Topology Bus topology – Connects each node in a line – Has no central connection point Star topology.

Managing Network connections. Network Cabling Ethernet Topology Bus topology – Connects each node in a line – Has no central connection point Star topology.

Similar presentations

Ads by Google