10 Network Attacks Pt. 2

Network Attacks Denial of Service
Categories: Scanning, Denial-of-Service (DoS), Hijacking, Penetration
Contents: DOS overview, Distributed DOS, Defending against DDOS, egress filtering, References
Goal of an Attacker: Reduce the availability of a system to legitimate users, so that the system is unable to provide the services it is supposed to provide. Deny you the use of your own resources. Hence the name Denial of Service, or DOS.
DOS Types: They vary greatly, from program/system overloading, to disk space usage, to network load. Types: memory eaters, bandwidth cloggers, system crashers.
Simplest DOS Examples:
Causing a computer system to run out of disk space so that it crashes (feeding noisy programs so their logs fill up the space, creating directories, eating up virtual memory).
A host fs DoS (UNIX): while true; do mkdir . .. cd . .. done
Sending a database deliberately slow queries.
Worms: eating up machine resources.
Clogging the network with an enormous number of packets.
"Teardrop" and "Ping of death" are system crashers.
Starting up processes in an infinite loop: fork bomb (infinite fork() or spawning new threads).
Opening browser windows in an infinite loop (JavaScript).
Distributed DOS: DOS over networks, such as the Internet. Multiple compromised hosts, called zombies (say, infected with Trojans or worms), from all over the world target a network or even a single IP with loads of malformed packets. Worm’s port scanning. Denial of Service Attacks, with the backbone, the multiplication strategy.
Smurf (http://www.securitydocs.com/library/2576): Smurf attacks are one of the most devastating DoS attacks. As shown in Figure 1, in the Smurf (ICMP Packet Magnification) attack the attacker sends an ICMP echo request (ping) to a broadcast address. The source address of the echo request is the IP address of the victim (the attacker uses the victim’s IP address as the return address). After receiving the echo request, all the machines in the broadcast domain send echo replies (responses) to the victim’s IP address (see Figure 2). The victim will crash or freeze when it receives a flood of larger-sized packets from many machines. The Smurf attack uses bandwidth consumption to disable a victim system’s network resources. It accomplishes the consumption by amplifying the attacker’s bandwidth. If the amplifying network has 100 machines, the signal can be amplified 100 times, so an attacker with relatively low bandwidth (such as a 56K modem) can flood and disable a victim system with much higher bandwidth (such as a T1 connection).
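The following Python sketch is an added example, not part of the original slides. It shows how a defender could spot the Smurf pattern described above in packet records, apply the egress filtering named in the contents list, and check the 100x amplification arithmetic. All addresses (RFC 5737 documentation ranges), the sample packets and the T1 rate of 1.544 Mbit/s are assumptions supplied for the example.

```python
import ipaddress
from collections import defaultdict

ECHO_REQUEST, ECHO_REPLY = 8, 0     # ICMP type numbers
AMP_NET = "192.0.2.0/24"            # assumed: the subnet we defend
VICTIM = "198.51.100.7"             # constructed victim address
T1_BPS = 1_544_000                  # assumed T1 line rate, bit/s

# Constructed sample capture: one echo request to the broadcast address with
# the victim as claimed source, the resulting replies, and one normal ping.
PACKETS = [
    {"src": VICTIM, "dst": "192.0.2.255", "type": ECHO_REQUEST},
    {"src": "192.0.2.10", "dst": VICTIM, "type": ECHO_REPLY},
    {"src": "192.0.2.11", "dst": VICTIM, "type": ECHO_REPLY},
    {"src": "192.0.2.12", "dst": VICTIM, "type": ECHO_REPLY},
    {"src": "192.0.2.10", "dst": "192.0.2.11", "type": ECHO_REQUEST},
]

def broadcast_echo_requests(packets, net=AMP_NET):
    """Echo requests addressed to the subnet's directed broadcast address."""
    bcast = ipaddress.ip_network(net).broadcast_address
    return [p for p in packets
            if p["type"] == ECHO_REQUEST
            and ipaddress.ip_address(p["dst"]) == bcast]

def reply_fan_in(packets):
    """Map each destination to the set of hosts sending it echo replies."""
    fan = defaultdict(set)
    for p in packets:
        if p["type"] == ECHO_REPLY:
            fan[p["dst"]].add(p["src"])
    return dict(fan)

def egress_filter_drops(src, local_net):
    """Egress filtering: drop outbound packets whose source is not ours."""
    return ipaddress.ip_address(src) not in ipaddress.ip_network(local_net)

def amplified_bps(attacker_bps, responders):
    """Rate reaching the victim if every responder answers each request."""
    return attacker_bps * responders

if __name__ == "__main__":
    for p in broadcast_echo_requests(PACKETS):
        print("broadcast echo request, claimed source:", p["src"])
    print({dst: len(srcs) for dst, srcs in reply_fan_in(PACKETS).items()})
    print("exceeds T1:", amplified_bps(56_000, 100) > T1_BPS)
```

A high reply fan-in toward one address, preceded by an echo request to the broadcast address that claims that same address as its source, is the signature to alert on.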
Smurf (http://www.securitydocs.com/library/2576)
Fraggle: The Fraggle (UDP Packet Magnification) attack is the cousin of the Smurf attack. The Fraggle attack uses UDP echo packets in the

This note was uploaded on 04/24/2011 for the course CET 4663 taught by Professor Staff during the Fall '08 term at University of Central Florida.
