Presentation on theme: "Denial of Service Attack History What is a Denial of Service Attack? Modes of Attack Performing a Denial of Service Attack Distributed Denial of Service."— Presentation transcript:
Denial of Service Attack History What is a Denial of Service Attack? Modes of Attack Performing a Denial of Service Attack Distributed Denial of Service Detection and Prevention
First major attacks start to appear in 2001. Major companies have been hit as well as major Governments Twitter, Facebook, Google, Amazon, Wal-Mart, Pirate Bay, Irish Government, Iranian Government, Georgian Government
It is an attempt to make a computer resource unavailable to its intended users. Reasons may vary but it is an effort to prevent an internet site or service from functioning efficiently. Typical Connection Denial of Service Attack
Basic Attack Types Consumption of computational resources Bandwidth, disk space, processor time Disruption of configuration information Routing information Disruption of state information Resetting of TCP sessions Disruption of physical network components Obstructing the communication media between the intended users and the victim
An attacker sends several authentication messages to a server at once. These authentication messages have fake return addresses so the server can not find the user to give authentication approval. The server then waits to close the connection and when it does the attacker can send a new batch of fake requests. This process is repeated over and over, tying up the service indefinitely.
In a distributed denial of service attack, the attacker takes over machines on the internet and uses them to perform a denial of service attack. Used in order to generate the necessary traffic in order to bring down the resource.
Denial of service attacks can lead to significant loss of time and resources. Being able to detect and then prevent denial of service attacks can prevent this loss of time and resources There are both hardware and software solutions for detection and prevention.
A filter can be implemented that sniffs packet info and looks for suspicious patterns and will deny access if one can be found.filter Intrusion Prevention Systems Firewalls, Switches, Routers
History Denial of Service Attack Distributed Denial of Service Attack Prevention and Detection