DOS & DDOS A Terrific Attack
Duration: 3HRS Audience: Expert
MODULE HIGHLIGHT
1. INTRODUCTION TALK (15 Min)
2. INFORMATIVE SESSION (15 Min)
2.1. Understanding Lab Setup
2.2. Surprise Gift
2.3. Security Field and Charlatans
3. FOUNDATION KNOWLEDGE (20 Min)
3.1. Understanding Web Request and Response
3.2. Understanding Proxy process
4. ATTACK SCENARIO (60 Min)
4.1. Understanding DOS and DDOS
4.2. DOS Attack
4.3. DOS Attack UDP Flood
4.4. DDOS attack
5. SECURITY SOLUTIONS (15 Min)
5.1. IDS Detection Logic and Mechanism
5.2. Firewall
5.3. Honeypot
6. MASSIVE ATTACK (55 Min)
6.1. Protocol Randomize DOS Attack
6.2. Protocol Randomize DDOS Attack
6.3. Proxy, Zombie, UA Protocol Randomize DDOS Attack
A. ABOUT US
1. About CELNET
2. CELNET Management
3. Job Market
4. CELNET Carrier Courses
5. CELNET Basic Courses
6. CELNET Services And Comparisons
7. CELNET Success In Global Market
B. Question and Contact Us
CREDIT AND THANKS (1 MIN)
PROF. ANIL K ROY
DR AMIT KUMAR
IEEE BANGALORE
SJB INSTITUTES
ALL ORGANIZERS
AND ALL SPEAKER AND CHIEF GUEST
1.1. ABOUT ME
Recognized as an Alien of Extraordinary Ability holder in the field of Computer Security by USA
Achieved First Rank in entire University during Master of Computer Application study
Written 5 books on the subjects of Computer Security, Networking and Communication, Ethical Hacking and Penetration Testing
Owns two copyrights and five trademarks
Founded two companies
Published many research papers in many reputed scientific journals
Highlighted in many newspapers and media
Penetrated Gujarat UNI web and received appreciation for his defensive efforts from GU Authority
A Lead Developer of the reputed tool RPSS
Invited by many colleges, institutes and corporates for exclusive speeches and conferences
Published many articles in magazines
Provided consultancy on many cyber crime related issues to government
Provided comprehensive training to many senior government officers
Reviewer for many international journals
Lead Developer of Expert in Ethical Hacking, Expert in Network Pen testing, Expert in Web Pen testing, Expert in Computer Forensic and Expert in Server Management
IEEE Member
1. INTRODUCTION TALK(5 Min)
1.2. Research and Citation
Reach is attested by USCIS
Cited by many researchers
Published its abstract in many journals
Provoked widespread commentary by many news media
1.3. Legal Issue
During this seminar no real resource is going to be harmed; everything is executed on a virtually created target
All tools used are either self-developed, trial versions, open source or free
1.4. General Notice
Photography or recording is strictly not allowed
Any person who has been criminally accused by any law enforcement agency is not permitted to attend this session
Any person under 18 years of age is not allowed here
The intention of this seminar is only educational and research purposes, and the methods are proofs of concept of different possible attacks.
1.5. Apology
Apology for Bad English
2. INFORMATIVE SESSION (15 Min)
2.3. Security Field and Charlatans
Most people misunderstand the security field
The security field does not mean learning tips and tricks
It is not the field for hacking someone's email or social network account
A mentor can be helpful to you
This is not a different field of computing; it is the last degree of knowledge in a specific domain
Visit the site http://attrition.org/errata/charlatan/ to get some decent information about the security world
Charlatans
2.1. Understanding Lab Setup
2.2. Surprise Gift
POST / HTTP/1.0
Accept-Encoding:
Host: www.example.com
Referer: http://www.ashikali.com
Cookie: Some-Values
User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Connection: close
Content-Type: application
Content-Length: 14

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2005 19:28:06 GMT
Server: Apache/1.3.19 (Unix)
3. FOUNDATION KNOWLEDGE 10 Min
3.1. Understanding Web Request And Response
[Diagram: ISP, Firewall, IDS, Database Server, server of www.eeh.com]
Response codes and description
200 : ok - Request and response succeeded
404 : not found - Resource does not exist
301 : moved permanently - Requested resource moved to another place
302 : found - Resource found, but it is temporarily under a different URL
303 : see other - Requested resource moved to another place but should be received
401 : unauthorized - It requires user authentication because of protection
500 : server error - Unexpected server error
3.2. Understanding Proxy Process
The proxy is used as a mediator which helps to exchange the request and response between the sender and the receiver. The scenario below is helpful for understanding the proxy process.
[Diagram: ISP, Proxy Server, Firewall, IDS, Database Server]
Request Format
REMOTE_ADDR = IP address of proxy
HTTP_VIA = IP address of proxy server
HTTP_X_FORWARDED_FOR = Your own IP address
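How a server can decide which of the three variables above to believe when it logs or rate-limits a client, shown as an added example that is not part of the original slides. The trusted-proxy range, the function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: the only proxies we trust are our own (constructed documentation range).
TRUSTED_PROXIES = [ipaddress.ip_network("192.0.2.0/28")]

def _is_trusted(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRUSTED_PROXIES)

def client_ip(env):
    """Return (ip, source_variable) to use for logging, rate limits and IDS rules."""
    remote = env["REMOTE_ADDR"]                  # TCP peer: cannot be set by a header
    xff = env.get("HTTP_X_FORWARDED_FOR", "")    # header: fully client-controlled
    # Believe the header only when the connection itself comes from our proxy.
    if not xff or not _is_trusted(remote):
        return remote, "REMOTE_ADDR"
    # Walk the chain right to left, skipping hops that are our own proxies.
    for hop in reversed([h.strip() for h in xff.split(",")]):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            return remote, "REMOTE_ADDR"         # malformed header: fall back
        if not _is_trusted(hop):
            return hop, "HTTP_X_FORWARDED_FOR"
    return remote, "REMOTE_ADDR"

if __name__ == "__main__":
    # Constructed requests: direct, via our proxy, and a forged header sent directly.
    samples = [
        {"REMOTE_ADDR": "203.0.113.9"},
        {"REMOTE_ADDR": "192.0.2.5", "HTTP_VIA": "1.1 192.0.2.5",
         "HTTP_X_FORWARDED_FOR": "198.51.100.7"},
        {"REMOTE_ADDR": "203.0.113.9", "HTTP_X_FORWARDED_FOR": "10.0.0.1"},
    ]
    for env in samples:
        print(env, "->", client_ip(env))
```

The forged header in the third sample is ignored because the connection did not arrive from a trusted proxy, so per-client counters cannot be evaded by rotating HTTP_X_FORWARDED_FOR values.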
4. ATTACK SCENARIO 10 Min
4.1. Understanding DOS & DDOS
DOS means denial of service. In this attack, the attacker usually floods the target computer by sending a number of requests or packets to a specific port using either the TCP or UDP protocol. In a DDOS (distributed denial of service) attack, the same procedure is carried out using zombies: the attacker sends instructions to the zombies to flood the target. DDOS is more powerful and silent than a DOS attack.
[Diagram: DOS Attack Example - Attacker, Target]
[Diagram: DDOS Attack Example - Attacker, Zombie, Zombie]
Symptoms
System Slow
Crash the System
Over Heating the System
Interruption
Jam the System
4. ATTACK SCENARIO 30 Min
4.2. DOS Attack (Live Demo)
4.3. DOS Attack UDP Flood (Live Demo)
4.4. DDOS Attack (Live Demo)
5. SECURITY SOLUTION 10 Min
5.2. IDS Logic and Detection Mechanism
The IDS reads the requests and logs, first checks its database, previously created by the user, and then acts.
[Diagram: ISP, Proxy Server, Firewall, IDS, Database Server]
Request Format
REMOTE_ADDR = IP address of proxy
HTTP_VIA = IP address of proxy server
HTTP_X_FORWARDED_FOR = Your own IP address
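The read, check, act loop described above, as an added example that is not from the original slides: a small detector that reads log lines, checks them against a user-created rule set and returns alerts. The rule names, thresholds, log format and addresses are all constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed rule "database", standing in for the one the IDS operator creates.
RULES = {
    "rate": {"window_s": 10, "max_requests": 5},   # assumed flood threshold
    "blocked_agents": ["floodbot"],                # hypothetical signature
}

# Constructed log lines in the form "<epoch seconds> <source ip> <user agent>".
SAMPLE_LOG = [f"{1000 + i} 198.51.100.7 Mozilla/4.0" for i in range(8)] + [
    "1003 203.0.113.9 Mozilla/4.0",
    "1020 203.0.113.9 Mozilla/4.0",
    "1021 192.0.2.44 floodbot/1.0",
]

def detect(lines, rules=RULES):
    """Return a sorted list of (source_ip, reason) alerts."""
    window = rules["rate"]["window_s"]
    limit = rules["rate"]["max_requests"]
    recent = defaultdict(deque)        # per-source timestamps inside the window
    alerts = set()
    for line in sorted(lines, key=lambda l: int(l.split()[0])):
        ts, ip, agent = line.split(maxsplit=2)
        ts = int(ts)
        # Signature check: compare the request against stored patterns.
        if any(sig in agent.lower() for sig in rules["blocked_agents"]):
            alerts.add((ip, "signature"))
        # Rate check: sliding window of requests per source address.
        q = recent[ip]
        q.append(ts)
        while q and q[0] <= ts - window:
            q.popleft()
        if len(q) > limit:
            alerts.add((ip, "rate"))
    return sorted(alerts)

if __name__ == "__main__":
    for ip, reason in detect(SAMPLE_LOG):
        print(f"ALERT {reason}: {ip}")
```

A real deployment would feed the alert list to the "act" step, for example a temporary firewall block, and would key the rate counter on the address the server actually trusts rather than on a client-supplied header.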
5.1. Firewall Logic and Mechanism
The firewall blocks unwanted ports so that incoming connections from untrusted resources can be blocked.
5.3. Honeypot
A honeypot is a system that creates a deliberately vulnerable resource to trap an attacker.
6.1. Protocol Randomize DOS Attack (Live Demo)
6.2. Protocol Randomize DDOS Attack (Live Demo)
6.3. Proxy, Zombie, UA Protocol Randomize DDOS Attack (Live Demo)
6. ATTACK SCENARIO (60 Min)
See me at ashikali1607@gmail.com
Facebook: Ashikali.hasan