Presentation is loading. Please wait.

Presentation is loading. Please wait.

DOS Attacks Lyle YapDiangco COEN 150 5/21/04. Background DOS attacks have been around for decades Usually intentional and malicious Can cost a target.

Published byBarnard Buck Fox Modified over 8 years ago

Similar presentations

Presentation on theme: "DOS Attacks Lyle YapDiangco COEN 150 5/21/04. Background DOS attacks have been around for decades Usually intentional and malicious Can cost a target."— Presentation transcript:

1 DOS Attacks Lyle YapDiangco COEN 150 5/21/04

2 Background DOS attacks have been around for decades Usually intentional and malicious Can cost a target person and company a great deal of time and money – In 1998, the highest reported financial loss to a single DOS attack was $1 million – In 2002, it ballooned up to $50 million – As the Internet grows and computers become more advanced, DOS attacks will grow in size, strength, security, and sophistication.

3 What is a DOS attack? DOS attacks (Denial of Service attacks) – An explicit attempt by intruders to prevent legitimate users of a service from using that service – Various ways to execute DOS attacks: Flood network Disrupt connections between two machines Prevent a particular user from accessing a service Disrupt service to a specific system or person

4 Impact of DOS attacks Disable your computer or network Even worse, cripple your company Lots of time, money, and production wasted

5 TCP Connection

6 Methods of Attacks Consumption of scarce, limited, or non-renewable resources – Network Connectivity – Using your own resources against you – Bandwidth Consumption – Consumption of other resources Destruction or alteration of configuration information Physical destruction or alteration of network components

7 Network Connectivity Most DOS attacks are executed on network connectivity (TCP/IP) Goal is to prevent hosts or networks from communicating over the network An example of this is a SYN Flood attack

8 TCP Gone Bad (SYN attack)

9 Other Methods of Consumption of Resources Using Your Own Resources Against You – An intruder uses forged UDP packets to connect the echo service on one machine to the chargen service on another. Bandwidth Consumption – Generate large number of packets directed to your network Consumption of Other Resources – Generate excessive mail messages, place files in ftp areas, consume system data structures with bogus programs

10 Destruction or Alteration of Configuration Information An improperly configured computer may not perform well or may not operate at all – An intruder can modify the registry on a Windows machine – Can change routing information

11 Physical Destruction or Alteration of Network Components Primary concern is physical security – Guard against unauthorized access to computers, routers, network wiring closets, power, etc. Ex. Cutting a wire

12 Three Stages of DOS attacks A Typical DOS attack DDOS (Distributed DOS attack) DRDOS (Distributed Reflection DOS attack) In general, with each increasing stage, the DOS attack grows in size, speed, security, and sophistication.

13 DDOS

14 DRDOS

15 Famous Occurrences Ping of Death – Creates a packet that exceeds the max 65,536 bytes of data allowed by the IP specification. Teardrop Attack – Creates a series of IP fragments with overloading offset fields. Smurf Attack (Brute Force Attack) – Floods the router with Internet Control Messages Protocol (ICMP) ECHO packets. SYN Flood Attack UDP Flood Attack Viruses, Worms, and Trojan Horses

16 Countermeasures Disable any unused or unneeded network services Observe system performance Routinely examine physical features Establish and maintain regular backup schedules and policies (ex. Config. Info Establish and maintain password policies

17 Countermeasures (ctd.) If these are available – Implement router filters to guard against certain DOS attacks – Install patches to guard against SYN attacks – Invest in redundant and fault-tolerant network configurations – Use Tripwire to detect changes in configuration info or in files – Enable quota systems

18 Conclusion DOS attacks are a major nuisance and can be a serious threat – Loss in money, time, productivity, possibly human lives People have the available tools and methods in securing their computers and networks, it’s just a matter of effort and awareness.

19 Questions?

Download ppt "DOS Attacks Lyle YapDiangco COEN 150 5/21/04. Background DOS attacks have been around for decades Usually intentional and malicious Can cost a target."

Similar presentations

Denial of Service Attack History What is a Denial of Service Attack? Modes of Attack Performing a Denial of Service Attack Distributed Denial of Service.

Denial of Service Attack History What is a Denial of Service Attack? Modes of Attack Performing a Denial of Service Attack Distributed Denial of Service.
NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.

NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.

Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.
Raw Sockets CS-480b Dick Steflik Raw Sockets Raw Sockets let you program at just above the network (IP) layer You could program at the IP level using.

Raw Sockets CS-480b Dick Steflik Raw Sockets Raw Sockets let you program at just above the network (IP) layer You could program at the IP level using.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
CSE331: Introduction to Networks and Security Lecture 35 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 35 Fall 2002.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Beyond the perimeter: the need for early detection of Denial of Service Attacks John Haggerty,Qi Shi,Madjid Merabti Presented by Abhijit Pandey.

Beyond the perimeter: the need for early detection of Denial of Service Attacks John Haggerty,Qi Shi,Madjid Merabti Presented by Abhijit Pandey.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Similar presentations

Ads by Google