1 / 15

Denial-of-Service ( DoS )

Denial-of-Service ( DoS ). Adams Michael. Objectives. What is Denial of Service Attack (Dos) Who are the Attackers and Targets Why People Do These Attacks Types of Attacks Method of Attacks Protecting Against DoS. Denial of Service ( DoS ).

leena
Download Presentation

Denial-of-Service ( DoS )

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Denial-of-Service(DoS) Adams Michael

  2. Objectives • What is Denial of Service Attack (Dos) • Who are the Attackers and Targets • Why People Do These Attacks • Types of Attacks • Method of Attacks • Protecting Against DoS

  3. Denial of Service (DoS) • In computing, a denial-of-service attack (DoSattack) is an attempt to make a machine or network resource unavailable to its intended users.

  4. Attackers and Targets • Perpetrators of DoS attacks are typically hackers, cyber bullies, cyber terrorists, script kiddies and so on. • Targets sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root name servers.

  5. Why These Attacks? • To make a name in the Hackers Community. • Protest. • Terrorism. • To gain access to confidential information.

  6. Types of Attacks • Volume Based Attacks – includes UDP floods, ICMP floods, and other spoofed-packet floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps).

  7. Types of Attacks • Protocol Attacks : Includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This type of attack consumes actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and is measured in Packets per second.

  8. Types of Attacks • Application Layer Attacks: Includes Slowloris, Zero-day, attacks that target Apache, Windows vulnerabilities and more. Comprised of seemingly legitimate and innocent requests, the goal of these attacks is to crash the web server, and the magnitude is measured in Requests per second.

  9. Tools For Attacks • LOIC (Low Orbit Ion Canon) • XOIC • HULK (HTTP Unbearable Load King) • R-U-Dead-Yet?

  10. Methods of Attack • There are two forms of DoSattacks. Those that crash services and flood services. • Consumption of computational resources, such as bandwidth, memory, disk space, processor time. • Disruption of configuration, such as routing information and TCP sessions (ICMP flood).

  11. Methods of Attack contd. • Disruption of physical network components (Vandalism). • Obstructing the communication media so that communication is inadequate (SYN flood).

  12. Protecting Against DoS • Protecting against DoS starts with prevention and detection. This can be done by setting up • Firewalls: be set up to have simple rules such to allow or deny protocols, ports or IP addresses • DoSDefense System (DDS): Is able to block connection-based DoS attacks with bad intent. A DDS can also protect against both protocol attacks like Ping of death and rate-based attacks like ICMP floods

  13. Summary

  14. Question everything. Learn something. Answer nothing.

More Related