Botnets2008 - A few generalities About DDOS Carter Effect...

A few generalities About DDOS Carter Effect Qatar UAE
Malicious activity by country
A few generalities About DDOS Def
IP Spoofing

A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host.
Ether and IP Headers

Ether header:
  Destination Address      6 bytes
  Source Address           6 bytes
  type                     2 bytes

IP header (field widths in bits):
  vers                     4
  len                      4
  TOS                      8
  Total length (bytes)     16
  identification           16
  flags                    3
  fragment offset          13
  TTL                      8
  protocol                 8
  checksum                 16
  Source IP Address        32
  Destination IP Address   32

4 layers of TCP/IP protocol suite:
  Application   Telnet, SMTP, etc
  Transport     TCP, UDP
  Network       IP, ICMP
  Link          Device Driver, Interface card
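Added example (not from the original slides): a Python parser that splits a frame into the Ether and IP header fields listed above and verifies the IP header checksum. The sample frame, its MAC addresses and its documentation-range IP addresses are constructed, and `ip_checksum`, `parse_frame` and `build_sample` are names chosen here.

```python
import ipaddress
import struct

def ip_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (caller zeroes the checksum field)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_frame(frame: bytes) -> dict:
    """Split an Ethernet frame carrying IPv4 into the fields named on the slide."""
    if len(frame) < 14 + 20:
        raise ValueError("frame too short for Ether + IP headers")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    (vers_len, tos, total_len, ident, flags_frag,
     ttl, proto, checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (vers_len & 0x0F) * 4  # the len field counts 32-bit words
    if vers_len >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("bad vers/len")
    zeroed = ip[:10] + b"\x00\x00" + ip[12:ihl]
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "vers": vers_len >> 4, "len": ihl, "tos": tos,
        "total_length": total_len, "identification": ident,
        "flags": flags_frag >> 13, "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        "checksum_ok": ip_checksum(zeroed) == checksum,
        "src_ip": str(ipaddress.IPv4Address(src)),
        "dst_ip": str(ipaddress.IPv4Address(dst)),
    }

def build_sample(src_ip: str) -> bytes:
    """Constructed sample frame (in memory only); all addresses are placeholders."""
    ether = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0x1234, 0x4000, 64, 6, 0,
                      ipaddress.IPv4Address(src_ip).packed,
                      ipaddress.IPv4Address("198.51.100.7").packed)
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return ether + hdr
```

`checksum_ok` stays true whatever value the sender wrote into the Source IP Address field: the checksum detects corruption in transit, it does not establish which host sent the packet.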
TCP
Digression on the TCP/IP world
TCP handshake

  Time   Event
  t      Host A sends a TCP SYNchronize packet to Host B
  t+1    Host B receives A's SYN
  t+2    Host B sends its own SYNchronize
  t+3    Host A receives B's SYN
  t+4    Host A sends ACKnowledge
  t+5    Host B receives ACK. TCP connection is established.
TCP and IP Headers

IP header (field widths in bits):
  vers                     4
  len                      4
  TOS                      8
  Total length (bytes)     16
  identification           16
  flags                    3
  fragment offset          13
  TTL                      8
  protocol                 8
  checksum                 16
  Source IP Address        32
  Destination IP Address   32

4 layers of TCP/IP protocol suite:
  Application   Telnet, SMTP, etc
  Transport     TCP, UDP
  Network       IP, ICMP
  Link          Device Driver, Interface card
Open System Interconnection Reference Model

  Layers: Application layer, Presentation layer, Session layer, Transport layer, Network layer, Data link layer, Physical layer
  Diagram labels: Application protocols and programs; Hardware layers; TCP, ATP, UDP,…; Ports; header; Frame; Information to be transferred; Packets, Routers
Dave Clark, The Design Philosophy of the DARPA Internet Protocols (Proc. SIGCOMM ‘88, Computer Communication Review Vol. 18, No. 4, August 1988, pp. 106–114)
The Design Philosophy of the DARPA Internet Protocols (Clark 88)

“The Internet protocol suite, TCP/IP, was first proposed 15 yrs ago (before 1988, 34 yrs ago)”. It was developed by the Defense Advanced Research Projects Agency (DARPA), and has been used widely in military and commercial systems. While there are plenty of papers that describe how the protocols work, it is sometimes difficult to deduce from these why the protocol is as it is. This paper attempts to capture some of the early reasoning which shaped the Internet protocols.
Fundamental Goal

The original goal was to connect together the original ARPANET with the ARPA packet radio network, in order to give users on the packet radio network access to the large service machines on the ARPANET. From this comes the fundamental structure of

This note was uploaded on 05/12/2008 for the course EPP 19601 taught by Professor Morel during the Spring '08 term at Carnegie Mellon.
