Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Published bySharlene Brown Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks."— Presentation transcript:

1 Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks

2 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 2 Chapter 4 Objectives Understand how DoS attacks are accomplished Know how certain DoS attacks work Protect against DoS attacks Defend against specific DoS attacks

3 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 3 Introduction Denial-of-Service Attacks  One of the most common types of attacks  Prevent legitimate users from accessing the system  Know how it works  Know how to stop it

4 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 4 Introduction (cont.) Computers have physical limitations  Number of users  Size of files  Speed of transmission  Amount of data stored Exceed any of these limits and the computer will cease to respond

5 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 5 Overview Common Tools Used for DoS  TFN and TFN2K Can perform various protocol floods. Master controls agents. Agents flood designated targets. Communications are encrypted. Communications can be hidden in traffic. Master can spoof its IP.

6 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 6 Overview (cont.) Common Tools Used for DoS  Stacheldracht Combines Trinoo with TFN Detects source address forgery Performs a variety of attacks

7 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 7 Stacheldracht on the Symantec site Overview (cont.)

8 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 8 Overview (cont.) DoS Weaknesses  The flood must be sustained. Whenmachines are disinfected, the attack stops. Hacker’s own machine are at risk of discovery.

9 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 9 DoS Attacks TCP SYN Flood Attack  Hacker sends out a SYN packet.  Receiver must hold space in buffer.  Bogus SYNs overflow buffer.

10 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 10 DoS Attacks (cont.)

11 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 11 DoS Attacks (cont.) Methods of Prevention  SYN Cookies Initially no buffer is created. Client response is verified using a cookie. Only then is the buffer created. Resource-intensive.

12 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 12 DoS Attacks (cont.) Methods of Prevention  RST Cookies Sends a false SYNACK back Should receive an RST in reply Verifies that the host is legitimate Not compatible with Windows 95

13 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 13 DoS Attacks (cont.) Methods of Prevention  Stack Tweaking Complex method Alters TCP stack Makes attack difficult but not impossible

14 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 14 DoS Attacks (cont.) Smurf IP Attack  Hacker sends out ICMP broadcast with spoofed source IP. Intermediaries respond with replies. ICMP echo replies flood victim. The network performs a DDoS on itself.

15 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 15 CERT listing on Smurf attacks DoS Attacks (cont.)

16 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 16 DoS Attacks (cont.) Protection against Smurf attacks  Guard against Trojans.  Have adequate AV software.  Utilize proxy servers.  Ensure routers don’t forward ICMP broadcasts.

17 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 17 DoS Attacks (cont.) UDP Flood Attack  Hacker sends UDP packets to a random port  Generates illegitimate UDP packets  Causes system to tie up resources sending back packets

18 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 18 DoS Attacks (cont.) ICMP Flood Attack  Floods – Broadcasts of pings or UDP packets  Nukes – Exploit known bugs in operating systems

19 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 19 DoS Attacks (cont.) The Ping of Death (PoD)  Sending a single large packet.  Most operating systems today avoid this vulnerability.  Still, keep system patched.

20 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 20 DoS Attacks (cont.) Teardrop Attack  Hacker sends a fragmented message  Victim system attempts to reconstruct message  Causes system to halt or crash

21 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 21 DoS Attacks (cont.) Land Attack  Simplest of all attacks  Hacker sends packet with the same source and destination IP  System “hangs” attempting to send and receive message

22 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 22 DoS Attacks (cont.) Echo/Chargen Attack  Echo service sends back whatever it receive.s  Chargen is a character generator.  Combined, huge amounts of data form an endless loop.

23 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 23 Distributed Denial of Service (DD0S) Routers communicate on port 179 Hacker tricks routers into attacking target Routers initiate flood of connections with target Target system becomes unreachable

24 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 24 Real-World Examples MyDoom  Worked through e-mail Slammer  Spread without human intervention

25 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 25 How to Defend Against DoS Attacks In addition to previously mentioned methods  Configure your firewall to Filter out incoming ICMP packets. Egress filter for ICMP packets. Disallow any incoming traffic.  Use tools such as NetStat and others.

26 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 26 How to Defend Against DoS Attacks (cont.) Disallow traffic not originating within the network. Disable all IP broadcasts. Filter for external and internal IP addresses. Keep AV signatures updated. Keep OS and software patches current. Have an Acceptable Use Policy.

27 © 2012 Pearson, Inc. Chapter 4 Denial of Service Attacks 27 Summary DoS attacks are common. DoS attacks are unsophisticated. DoS attacks are devastating. Your job is constant vigilance.

Download ppt "Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks."

Similar presentations

Module VIII Denial Of Service

Module VIII Denial Of Service
NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.

NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
CISCO NETWORKING ACADEMY PROGRAM (CNAP)

CISCO NETWORKING ACADEMY PROGRAM (CNAP)
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated 9-18-08.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated
Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Distributed Denial of Service Attacks CMPT 471 1 Distributed Denial of Service Attacks Darius Law.

Distributed Denial of Service Attacks CMPT Distributed Denial of Service Attacks Darius Law.
Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA © Abdou Illia.
Network Attack and Defense

Network Attack and Defense
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 7: Denial-of-Service Attacks.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 7: Denial-of-Service Attacks.
Defending Against Flooding Based DoS Attacks : A tutorial - Rocky K.C. Chang, The Hong Kong Polytechnic University Presented by – Ashish Samant.

Defending Against Flooding Based DoS Attacks : A tutorial - Rocky K.C. Chang, The Hong Kong Polytechnic University Presented by – Ashish Samant.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.
Chapter 9 Phase 3: Denial-of-Service Attacks. Fig 9.1 Denial-of-Service attack categories.

Chapter 9 Phase 3: Denial-of-Service Attacks. Fig 9.1 Denial-of-Service attack categories.

Similar presentations

Ads by Google