ddos ddo s and ddon ts
play

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS - PowerPoint PPT Presentation

Feb 18, 2024 •231 likes •549 views

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks DDoS Prevention Improving Performance Questions Glossary DDoS - Attempt to make a server or network resource unavailable to Internet

  1. DDOS: DDo’s and DDon’ts DrupalCon 2016

  2. Agenda ● What is DDoS ● Detecting DDoS Attacks ● DDoS Prevention ● Improving Performance ● Questions

  3. Glossary DDoS - Attempt to make a server or network resource unavailable to ● Internet users WAF - Web Application Firewall, filter that applies a set of rules to an ● HTTP conversation DNS - Domain name system answers queries with IPs ● OSI - Open System Interconnection Model ● Layer 3 & 4 - Network and Transport layers (IPv4 & IPv6, TCP, UDP) ○ Layer 7 - Application layer (Chrome, Firefox) ○ CDN - system of distributed servers that deliver content to a user ● based on the location of the user, the origin of the webpage and a content delivery server

  4. Ransom Notes

  6. History of DDoS

  7. The Evolving Landscape of DDoS Attacks HTTP Application 100s Gbps Sophistication DNS infrastructure 100s Gbps NTP reflection DNS amplification Up to 400+ Gbps Up to 300 Gbps (35% up from DNS ampl.) 2013 2014 ATTACK TYPE TREND Volumetric Layer 3 / 4 • DNS Infrastructure • HTTPS application • Origin: 100s of countries • More sophisticated DDoS mitigation and larger surface area to block volumetric attacks has forced hackers to change tactics. New DNS infrastructure and HTTP layer 7 attack signatures that mimic human-like behavior are increasing in frequency.

  8. Layer 3 / 4 Attacks

  9. DNS / NTP Amplification attack Attackers pretending to be your server make tiny requests to thousands of DNS or NTP servers. Those servers return huge responses to your server, knocking it offline. Exhausts network connection

  10. DNS amplification attacks in action

  11. DNS amplification attacks in action 3 days later...

  12. DNS amplification attacks in action

  13. SMURF attacks

  14. Layer 7 attacks Attackers use millions of compromised machines to launch a sophisticated attack that mimics real users and overloads the slow points in your web property. Exhausts CPU

  15. Layer 7: Drupalgeddon / SQL Injection

  16. Detecting DDoS Attacks

  17. What an attack looks like... Id Date Severit Type Message 3161818 16/Jun 16:45 notice spambot Blocked registration: email=supplyweqz@gmail.com,ip=120. 43.21.95 3161817 16/Jun 16:45 notice user Login attempt failed for JulianHut. 3161794 16/Jun 16:44 notice user Login attempt failed for Julianml.

  18. DDoS Prevention

  19. Common Spam Traffic Defense Methods CAPTCHA - Completely Automated Public Turing test to tell Computers ● and Humans Apart Timegate (Time Difference) ● Honeypot ● Content analysis ● Visitor reputation ●

  20. WAF: Web Application Firewall

  21. CloudFlare Drupal WAF Rules D0000 - Block Large Requests to xmlrpc.php for Drupal CMS D0002 - Block requests with odd array arguments D0001 - Block Requests to xmlrpc.php for Drupal CMS URIs: /xmlrpc.php -- most common /?q=node&destination=node /blog/xmlrpc.php /user/login/ HTTP Method: POST -- most common GET

  22. CloudFlare Drupal WAF Triggers Frequency of Triggers over 30 Days Percentage of trigger by WAF Rule

  23. Improving Performance: CDN

  24. CDN

  25. CDN

  26. CDN: Anycast network Global: 28 data centers in over 15 countries • Secure: built into every layer and every protocol • Robust: every node can perform any task. Anycast HTTP routing • Reliable: built-in redundancy, load balancing, and high-availability •

  27. CDN: Caching

  28. Page Rules for Drupal

  29. CDN Performance boost • Improve Performance : CloudFlare caches static content by default (JS, CSS, images). Custom caching options • Accelerate Dynamic Content (Railgun™) : WAN optimization tool to compress and accelerate dynamic pages. Up to 99.6% compression ratio & 7.3x performance gain • Edge Side Code : deploy powerful logic that alters HTTP requests and responses on the fly, without added latency • Front End Optimization : auto-minify, image optimization, JS bundling • Client Intelligence: optimization for network and device type

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

.tr DDoS A)ack December 2015 A4la zgit .tr ccTLD Manager Dec, 2015 .tr DDoS A)ack A Summary

.tr DDoS A)ack December 2015 A4la zgit .tr ccTLD Manager Dec, 2015 .tr DDoS A)ack A Summary

.tr DDoS A)ack December 2015 A4la zgit .tr ccTLD Manager Dec, 2015 .tr DDoS A)ack A Summary of a 3 weeks long experience 2016-03-07 Dec 2015 DDoS A)ack on .TR 2 Before DDoS q Infrequent Small scale DoS and DDos A)acks Few Qmes

150 views • 13 slides
.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A Summary of a 3 weeks long experience 2016-03-07 Dec 2015 DDoS Attack on .TR 2 Before DDoS q Infrequent Small scale DoS and DDos Attacks Few

606 views • 14 slides
DDoS Mitigation collection TL;DR: DDOS STRATEGISTS DO DRUGS Agenda 2 Intro Methodology

DDoS Mitigation collection TL;DR: DDOS STRATEGISTS DO DRUGS Agenda 2 Intro Methodology

1 DDoS Mitigation collection TL;DR: DDOS STRATEGISTS DO DRUGS Agenda 2 Intro Methodology of work DDoS tactics in-the-wild and how to improve Ready, set, FACEPALM! Q&A ~$ whoami 3 Moshe Zioni, Head of Research,

656 views • 47 slides
Transport choice for Co-operative DDoS Mitigation 1 DDoS Transport Choice Message: DDoS victim

Transport choice for Co-operative DDoS Mitigation 1 DDoS Transport Choice Message: DDoS victim

Transport choice for Co-operative DDoS Mitigation 1 DDoS Transport Choice Message: DDoS victim to DDoS mitigation service SOS "I am getting DoSd" 2 DDoS Transport Choice SOS : Requirements Emergency signal.

247 views • 5 slides
Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense e Quan Jia, Huangxin Wang, Dan Fleck, Fei Li, Angelos Stavrou, Walter Powell Presented by Surya Mani Content u Motivation u Related Work u

262 views • 23 slides
Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster

Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster

Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster synergy among stakeholders to promote advancement in DDoS defense knowledge. Independent academic R&D division of Nexusguard building next

764 views • 44 slides
Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent the access to a computer system to it's legitimate users. DDoS: DoS attack on the network using a lot of different source IP Why:

327 views • 16 slides
DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How

DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How

DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How DDoS works UDP Data Client Server Response TCP DDoS Distributed denial-of-service attack Attacker targets a victim from a number of

356 views • 22 slides
A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon

A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon

A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon guillaume.valadon@ssi.gouv.fr RIPE 70 - May, 11 2015 ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 1/12 ANSSI Created on July 7th 2009,

142 views • 12 slides
CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks

CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks

CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks https://www.reveelium.com/en/ddos-attacks-the-cyber-boogeyman-part-i/ DDoS Attacks 1,700 Gbps!! 2015 :-/

748 views • 20 slides
Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim

Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim

Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim fons.mijnen@os3.nl max.grim@os3.nl 2 DDoS attacks DDoS attacks are a problem internet users have faced for many years, and is still relevant today. 3 DDoS

531 views • 52 slides
Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Introduction: Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation Attacker signals slaves to launch an attack on a specific target address (victim). Slaves then respond by Comp290: Network

275 views • 9 slides
A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter Reiher Manu Shantharam & David Hadka What is DoS? DoS A type of attack wherein access to computer resource / service is denied or

380 views • 18 slides
DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service

DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service

DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service attacks are a fact of life on the Internet Service disruption Sometimes employed as a smoke screen What this talk is and

799 views • 23 slides
COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure

COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure

COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure Application Services CONFIDENTIAL | DO NOT DISTRIBUTE Company 1. CONFIDENTIAL | DO NOT DISTRIBUTE Attack Tools over Time - Evolved Binary

385 views • 12 slides
XDP in Practice DDoS Mitigation @Cloudflare Gilberto Bertin About me Systems Engineer at

XDP in Practice DDoS Mitigation @Cloudflare Gilberto Bertin About me Systems Engineer at

XDP in Practice DDoS Mitigation @Cloudflare Gilberto Bertin About me Systems Engineer at Cloudflare London DDoS Mitigation Team Enjoy messing with networking and Linux kernel Agenda Cloudflare DDoS mitigation pipeline Iptables and

802 views • 65 slides
An Evaluation of Distributed Concurrency Control Harding, Aken, Pavlo and Stonebraker Presented

An Evaluation of Distributed Concurrency Control Harding, Aken, Pavlo and Stonebraker Presented

An Evaluation of Distributed Concurrency Control Harding, Aken, Pavlo and Stonebraker Presented by: Thamir Qadah For CS590-BDS 1 Outline Motivation System Architecture Implemented Distributed CC protocols 2PL TO

684 views • 56 slides
1000 days of UDP amplification DDoS attacks Daniel R. Thomas , Richard Clayton, Alastair R.

1000 days of UDP amplification DDoS attacks Daniel R. Thomas , Richard Clayton, Alastair R.

1000 days of UDP amplification DDoS attacks Daniel R. Thomas , Richard Clayton, Alastair R. Beresford Firstname.Lastname@cl.cam.ac.uk Daniel: 5017 A1EC 0B29 08E3 CF64 7CCD 5514 35D5 D749 33D9 Richard: 899A 94CE BFCE CCE2 5744 5ACE 3BBC CF52

434 views • 18 slides
Enhancing Multimedia QoE via More Effective Time Synchronisation over 802.11 Networks Jonathan

Enhancing Multimedia QoE via More Effective Time Synchronisation over 802.11 Networks Jonathan

Enhancing Multimedia QoE via More Effective Time Synchronisation over 802.11 Networks Jonathan Shannon Padraig OFlaithearta Yusaf Cinar Hugh Melvin Disc. of Information Technology, National University of Ireland, Galway. 1 Outline

427 views • 28 slides
Install and run chef-solo in minutes benjaminrtz@gmail.com Install chef ============ curl -L

Install and run chef-solo in minutes benjaminrtz@gmail.com Install chef ============ curl -L

Install and run chef-solo in minutes benjaminrtz@gmail.com Install chef ============ curl -L https://www.opscode.com/chef/install.sh | bash Check ===== # chef-solo -v Chef: 11.6.2 Setup chef repository ===================== #wget

571 views • 4 slides
Some remarks on ! 2 e 00 E ! 2 e 00 E w equivalence of graph-to-graph

Some remarks on ! 2 e 00 E ! 2 e 00 E w equivalence of graph-to-graph

E e E e 0 E Some remarks on ! 2 e 00 E ! 2 e 00 E w equivalence of graph-to-graph transducers inc( w, e 0 ) inc( w, e 00 ) Schmude, J. Boja czyk, M. University of Warsaw Highlights of Logic,

692 views • 22 slides
Physics Analysis Concepts with PandaRoot (4) PANDA Computing Week 2017 Nakhon Ratchasima,

Physics Analysis Concepts with PandaRoot (4) PANDA Computing Week 2017 Nakhon Ratchasima,

Physics Analysis Concepts with PandaRoot (4) PANDA Computing Week 2017 Nakhon Ratchasima, Thailand, July 3 - 7, 2017 Klaus Gtzen GSI Darmstadt Topics Event Filtering ( FairFilteredPrimaryGenerator ) Useful Event and Kinematic Variables (

2.26k views • 44 slides
Design and Evaluation of a 2048 Introduction Core Cluster System The CHiC Project Benchmarks

Design and Evaluation of a 2048 Introduction Core Cluster System The CHiC Project Benchmarks

CHiC 2007 Frank Mietke Design and Evaluation of a 2048 Introduction Core Cluster System The CHiC Project Benchmarks Summary Frank Mietke , Torsten Hfler, Torsten Mehlan and Wolfgang Rehm Computer Architecture Group Department of Computer

594 views • 20 slides
Physics 2D Lecture Slides Oct 1 Vivek Sharma UCSD Physics Einsteins Special Theory of

Physics 2D Lecture Slides Oct 1 Vivek Sharma UCSD Physics Einsteins Special Theory of

Physics 2D Lecture Slides Oct 1 Vivek Sharma UCSD Physics Einsteins Special Theory of Relativity Einsteins Postulates of SR The laws of physics must be the same in all inertial reference frames The speed of light in vacuum has

714 views • 25 slides

More recommend