Introduction to DDoS attack
Presented by: Amit Chittoria

• A DDoS attack is capable of doing more harm. With it, an attacker can use the victim's system to infect other connected systems or to send spam. The attacker can find a weakness in the system and inject malware or software that can be used remotely.

Types of DDoS attack
• DoS attacks can be classified into two main categories:
1- Flood attacks- A remote system is overwhelmed by a continuous flood of traffic designed to consume resources at the targeted server and/or in the network (bandwidth and packet buffers).
Flood attacks:
• Smurf IP attack
• UDP flood attack
• ICMP flood attack
2- Logic attacks- A small number of malformed packets are designed to exploit known software bugs on the target system.
• Ping of Death
• Teardrop
• Land

Development
[Figure: attack sophistication and intruder knowledge (High to Low) against time, 1980 to 2001, plotting attack tools and techniques. Source: CERT/CC]

Target of attacks
• End hosts
• Critical servers (disrupt C/S network)
  – Web, File, Authentication, Update
  – DNS
• Infrastructure
  – Routers within org
  – All routers in upstream path

How to protect
• These days many websites suffer from DDoS (distributed denial of service) attacks.
There is not much information, and there are not many solutions, on how to protect against a DDoS attack, but I will explain a little about how to protect against it.
First, you should know what type of DDoS attack you are receiving; it can be just a simple SYN flood, which can be blocked very easily.
If you have a Linux server, you can check this with the command:
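
An added example, not from the original presentation: one way to make this check is to count half-open (SYN_RECV) TCP connections per remote address in `netstat -nt` style output. The function names, the threshold of 3 and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Count half-open (SYN_RECV) TCP connections per remote address.
# Input: `netstat -nt` style lines on stdin
#   (Proto Recv-Q Send-Q Local-Address Foreign-Address State).
# Output: "<count> <address>" lines, highest count first.
syn_recv_by_source() {
    awk '$1 ~ /^tcp/ && $6 == "SYN_RECV" {
             ip = $5
             sub(/:[0-9]+$/, "", ip)   # strip the trailing :port
             n[ip]++
         }
         END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# Print only the sources at or above a threshold
# (hypothetical default of 3; tune it to the server's normal load).
syn_flood_suspects() {
    syn_recv_by_source | awk -v t="${1:-3}" '$1 >= t { print $2 }'
}

# Constructed sample using documentation addresses, not captured traffic.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:40211      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:40212      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:40213      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.5:51544       SYN_RECV
tcp        0      0 192.0.2.10:22           203.0.113.9:50022       ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:40214      TIME_WAIT
EOF
}

# Demo on the constructed sample.
sample_netstat | syn_recv_by_source
# On a live host: netstat -nt | syn_recv_by_source
```

Many SYN_RECV entries spread across many different addresses, rather than concentrated on a few, usually point to spoofed sources, so a per-address count alone will not identify the sender.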