Distributed Denial of Service Attacks Shankar Saxena Veer Vivek Kaushik.


1 Distributed Denial of Service Attacks Shankar Saxena Veer Vivek Kaushik

2 Agenda
- Introduction and Famous Attacks
- How Attack Takes Place
- Types of DDoS Attacks
  - Smurfing
  - UDP Flooding
  - TCP SYN Flooding

3 Introduction
- Causes service to be unusable or unavailable
- Coordinated mass-scale attack from compromised computers
- Exhausts bandwidth, router processing, network stack resources
- Hard to detect at firewall level

4 Famous Attacks
- February 2000
  - Yahoo, eBay, Amazon websites attacked
  - Yahoo received packet traffic which some websites receive in 1 year
  - 1 billion dollars
- October 2002
  - 7 of 13 DNS root servers attacked
  - Attack on internet itself

5 Scanning (Step 1)
- Port Scanning
  - Search for open ports
  - Nmap: send packets to target to interact (TCP Connect, TCP SYN, UDP)
- Software Vulnerabilities
  - Common & Default Configuration Weaknesses
  - Nessus: plugins (Windows, Backdoor, File Sharing, Firewalls, Mail Servers)

6 Stack-based Buffer Overflow (Step 2)
- Attacker chooses the most vulnerable machines.
- Buffer overflow occurs when the attacker stores too much data in an undersized buffer.
- Attacker precisely tunes the amount and content of data.
- Attacker overwrites the return pointer with his own, which points to his code.

7 [Figure: Normal Stack. Labels: function arguments, return pointer, buffer (local variable), bottom of memory, fill direction]

8 [Figure: Smashed Stack. Labels: top of memory, function arg, new pointer, attacker machine code, buffer (local variable), bottom of memory, fill direction]

9 Rootkit & Attack (Step 3)
- Rootkit
  - To get back into the compromised system
  - Replace system files with their Trojan versions
- Attack
  - Instruct compromised systems to attack
  - Various flooding methods

10 DDoS attack

11 Kinds of Attacks
- Smurfing
- UDP Flooding
- TCP SYN Flooding

12 Smurfing
- Attacker sends packets to a network amplifier with the return address spoofed to the victim's IP address
- Attacking packets are typically ICMP echo requests
- Each request generates ICMP echo replies, which flood the victim

13 TCP SYN Attack
- Exploits the three-way handshake protocol.
- A large number of bogus TCP SYN requests are sent to the victim in order to tie up its resources.
- The server's SYN+ACK responses are never answered, so the server runs out of memory resources.

14 TCP SYN Attack
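
A defender can spot the half-open handshakes described on the TCP SYN Attack slides by counting SYNs that never receive the client's final ACK. The following is an added example, not part of the original presentation; the record layout, the 3-second timeout and the threshold of 10 are assumptions chosen for illustration, and the sample traffic is constructed.

```python
from collections import defaultdict

# Constructed sample records (not real traffic):
# (time_s, src_ip, src_port, dst_ip, dst_port, tcp_flags)
SAMPLE = [
    (0.00, "198.51.100.7", 40001, "192.0.2.10", 80, "S"),   # client SYN
    (0.01, "192.0.2.10", 80, "198.51.100.7", 40001, "SA"),  # server SYN+ACK
    (0.02, "198.51.100.7", 40001, "192.0.2.10", 80, "A"),   # final ACK
] + [
    # 20 SYNs from varied sources that never send the final ACK
    (0.10 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i, "192.0.2.10", 80, "S")
    for i in range(20)
]


def half_open_by_server(records, now, timeout=3.0):
    """Count, per (server_ip, server_port), handshakes whose SYN is older
    than `timeout` seconds and was never followed by the client's ACK."""
    pending = {}  # (client_ip, client_port, server_ip, server_port) -> SYN time
    for t, src, sport, dst, dport, flags in sorted(records, key=lambda r: r[0]):
        key = (src, sport, dst, dport)
        if flags == "S":
            pending.setdefault(key, t)       # first SYN opens a pending entry
        elif "S" not in flags and ("A" in flags or "R" in flags):
            pending.pop(key, None)           # client ACK or RST frees the slot
        # "SA" travels server -> client and does not complete the handshake
    counts = defaultdict(int)
    for (_, _, server, port), syn_time in pending.items():
        if now - syn_time >= timeout:
            counts[(server, port)] += 1
    return dict(counts)


def flag_syn_flood(records, now, timeout=3.0, threshold=10):
    """Return only the servers whose half-open count reaches `threshold`."""
    stale = half_open_by_server(records, now, timeout)
    return {srv: n for srv, n in stale.items() if n >= threshold}


if __name__ == "__main__":
    for (ip, port), n in flag_syn_flood(SAMPLE, now=10.0).items():
        print(f"possible SYN flood: {ip}:{port} has {n} half-open handshakes")
```
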

15 UDP Flooding
- Connectionless protocol
- No three-way handshake is required
- Large number of UDP packets saturate the network and deplete the bandwidth.

16 DDoS Countermeasures
- Egress filtering
  - Scanning packets for certain criteria
  - Spoofed address
- Close all unneeded ports
- Be more aware
  - Install new patches
  - Check server logs
  - Test scanning tools on your system

17 Thanks Queries?
