Ethics of Distributed DoS (Why TFN is Evil) March 2, 2000 Mintcho Petkov Dartmouth College.

1 Ethics of Distributed DoS (Why TFN is Evil) March 2, 2000 Mintcho Petkov Dartmouth College

2 Introduction
Timeline of Attacks (Source: www.CNN.com)
  - Feb 7 - Yahoo
  - Feb 8 - CNN, Buy.com, eBay, Amazon
  - Feb 9 - E-Trade, ZDNet
Investigation Uncovered
  - Distributed Denial of Service Attack (DDoS)
  - Tool used: Tribe Flood Network (TFN)
  - TFN created by the German hacker Mixter

3 Denial of Service Attacks
What is DoS?
  - Consume all resources. No resources left for others
  - Must be intentional.
Examples
  - Run a CPU-intensive program on tahoe without caring about the results
  - Allocate as much memory as possible (on a multi-user machine)
  - Flood a network address with meaningless traffic (commonly ICMP, UDP)
Distributed DoS
  - Denial of Service launched from several computers with automated coordination.

4 Tribe Flood Network
[Diagram; surviving labels: Target, automated, manual]

5 Situation Analysis
Parties Involved
  - Creator of TFN (Mixter)
  - Attacker
  - Administrators of compromised machines (zombies)
  - Target
Issues
  - Responsibility of Zombie administrators
  - Mixter’s Responsibility
  - Overall Internet Insecurity

6 Responsibility of Zombie Owners
If zombies were secure, no DDoS attack possible
  - Without a large number of high-bandwidth, low-security computers to be compromised, there is no attack.
Why were the zombies not secure?
  - Cost to society outweighs cost to individual
  - Conflict of interest (“I have nothing important on this machine, so why invest in security?”)
  - Not everybody is a security expert!

7 Mixter’s Responsibility
Source: iss.net
Security Administrator Tool for Analyzing Networks (SATAN)
  - Automatically exposes system vulnerabilities
  - Legitimate and illegitimate uses
TFN and Capacity Management
  - Testing the maximum amount of traffic a server can handle
  - Distributed packet flooding tools help
  - Cracking random computers NOT part of Capacity Management
Mixter Shares the Blame
  - The tool can only be used for malicious purposes

8 Overall Internet Insecurity
Sources: CNN.com, news.yahoo.com, iss.net
Noteworthy Incidents
  - NATO website successfully flooded during Yugoslav War
  - FBI website made inaccessible by a DoS attack (Feb 18, 2000)
  - 227 computers used in a DDoS attack against the University of Minnesota (August 17, 1999)
General Concerns about TFN
  - Automation
  - Encryption (list of compromised hosts encrypted)
  - Concealment Techniques (broadcast addressing)
  - Large existing networks of compromised machines

9 Conclusions
References:
  - Computer Security - www.iss.net
  - News - CNN.com, news.yahoo.com
  - Mixter’s Website - www.mixter.org
  - Analysis of TFN - staff.washington.edu/dittrich/misc/tfn.analysis
  - Expert on TFN - cbrenton@sover.net (Chris Brenton)
To Summarize:
  - SATAN can be good
  - TFN is evil
  - People can be careless
  - The Internet is insecure

