Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 쉽게 접근하자 DoS! Sookmyung Women’s Univ. 최서윤. 2 The DoS?! Sockstress DoS using LOIC Link Local DoS.

Published byWilfred Davidson Modified over 8 years ago

Similar presentations

Presentation on theme: "1 쉽게 접근하자 DoS! Sookmyung Women’s Univ. 최서윤. 2 The DoS?! Sockstress DoS using LOIC Link Local DoS."— Presentation transcript:

1 1 쉽게 접근하자 DoS! Sookmyung Women’s Univ. 최서윤

2 2 The DoS?! Sockstress DoS using LOIC Link Local DoS

3 3

4 4 Attacked Scientology Websites Attacked the RIAA Hacked the HB Gary Company

5 5 Attacked the websites Originally performed DoS attack Using twitter th3j35t3r

6 6 Denial of Service attack Distributed Denial of Service attack - Destruction system - Bandwidth consumption - Exhausts Server Resources

7 7

8 8 Client SYN/ACK SYN ACK Server DATA ACK

9 9 Client SYN/ACK SYN ACK win =0 Server

10 10

11 11 Causes sessions to hang up, consuming RAM Can render servers unbootable

12 12 Defense - Short-term  Block packets with small window sizes with a firewall - Long-term  Patch OS to reclaim RAM

13 13

14 14

15 15

16 16

17 17

18 18

19 19

20 20 NEED AN IP USE THIS IP

21 21 I AM Router! Join! OKAY

22 22

23 23 flood_ router6 Using BackTrack5 Also effects FreeBSD Windows dies within 30 seconds No effect on Mac OS X & Ubuntu Linux

24 24 Windows Vulnerability One attacker kills all the Windows machines on a LAN Win 8 & Server 2012 dies (BSoD)

25 25 Effects of New RA Flood Microsoft Surface RT dies Win 7 & Server 2008  Freeze during attack Win 8 & Server 2012 dies (BSoD) iPad 3 & Android phone slows and crashes (sometimes) Mac OS X dies

26 26 Defense Disable IPv6 Turn off Router Discovery Get a switch with RA Guard Microsoft provides some protection

27 27 http://code.google.com/p/r-u-dead-yet/ Keep-Alive DoS Script http://www.esrun.co.uk/blog/keep-alive-dos-script/ Router Advertisement DoS in Windows http://samsclass.info/ipv6/proj/flood-router6a.htm RA Guard Evasion http://samsclass.info/ipv6/proj/RA-evasion.html Jester pic http://mashable.com/2010/11/29/hacker-wikileaks/ LOIC http://en.wikipedia.org/wiki/Low_Orbit_Ion_Cannon

28 28 News http://dailysecu.com/news_view.php?article_id=1663 Generation about DoS attack http://privacy-pc.com/articles/generations-of-dos-attacks-some-history- and-links-to-jester-anonymous-and-lulzsec.html Layer 4 DoS http://unknownhad.wordpress.com/2013/03/16/what-is-ddos-layer-7-and- layer-4-and-low-rate-ddos/ Layer 7 DoS https://www.owasp.org/images/4/43/Layer_7_DDOS.pdf About LOIC http://gizmodo.com/5709630/what-is-loic

29 29 Layer 7 DoS https://devcentral.f5.com/articles/layer-4-vs-layer-7-dos-attack About Sockstress and New RA flood DEFCON-21-Bowne-Prince-Evil-DoS-Attacks-and-Strong-Defenses Youtube Sam Bowne video

30 30 Thank you ★

31 31 ★ melody2804@gmail.com https://www.facebook.com/seoyun.choi.395

Download ppt "1 쉽게 접근하자 DoS! Sookmyung Women’s Univ. 최서윤. 2 The DoS?! Sockstress DoS using LOIC Link Local DoS."

Similar presentations

Ethical Hacking: New Web 2.0 Attacks and Defenses HI-TEC 2011.

Ethical Hacking: New Web 2.0 Attacks and Defenses HI-TEC 2011.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.

Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.
Michelle J. Gosselin, Jennifer Schommer Guanzhong Wang.

Michelle J. Gosselin, Jennifer Schommer Guanzhong Wang.
Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated 9-18-08.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Distributed Denial of Service Attacks CMPT 471 1 Distributed Denial of Service Attacks Darius Law.

Distributed Denial of Service Attacks CMPT Distributed Denial of Service Attacks Darius Law.
Outline Definition Point-to-point network denial of service

Outline Definition Point-to-point network denial of service
Common IS Threat Mitigation Strategies An overview of common detection and protection technologies Max Caceres CORE Security Technologies www.coresecurity.com.

Common IS Threat Mitigation Strategies An overview of common detection and protection technologies Max Caceres CORE Security Technologies
Detecting SYN-Flooding Attacks Aaron Beach CS 395 Network Secu rity Spring 2004.

Detecting SYN-Flooding Attacks Aaron Beach CS 395 Network Secu rity Spring 2004.
CSE331: Introduction to Networks and Security Lecture 35 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 35 Fall 2002.
SYN Flooding: A Denial of Service Attack Shivani Hashia CS265.

SYN Flooding: A Denial of Service Attack Shivani Hashia CS265.
Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA © Abdou Illia.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Detecting SYN-Flooding Attacks Aaron Beach CS 395 Network Secu rity Spring 2004.

Detecting SYN-Flooding Attacks Aaron Beach CS 395 Network Secu rity Spring 2004.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.

Similar presentations

Ads by Google