by Abin paul
Overview
Introduction
Why?
How?
SYN attack
DDoS case study
Introduction
Limited and consumable resources (memory, processor cycles, bandwidth, ...)
Internet security is highly interdependent
DDoS attack
Why?
sub-cultural status
nastiness
revenge
to gain access
political reasons
economic reasons
How?
TCP floods (various flags)
ICMP echo requests (i.e., ping floods)
UDP floods
SYN-Attack
[Figure: two panels, "Handshake" and "Attack", with message labels SYN, SYN-ACK and ACK]
Botnet
Collection of programs or systems to perform a particular task
Case study
2006 in Verisign 5Gbps attack
Published 4028 byte zone request to 30,000 DNS servers
200.0.0.0 to 217.255.255.255 address space
79 mbps to 5Gbps
Solutions
Notification and alerting mechanism
Sufficient bandwidth to absorb the attack
Filtering technology that excludes only unwanted traffic
A distributed model to create and maintain redundancy
A logging/correlation system to collect detailed attack data