denial of service denial of service
play

Denial of Service Denial of Service An attack designed to disrupt - PDF document

Apr 04, 2024 •220 likes •430 views

1 Denial of Service Denial of Service An attack designed to disrupt or completely deny legitimate users access to network, servers, services, or other resources Two basic favors: Target resource starvation Network

  1. 1 Denial of Service

  2. Denial of Service • An attack designed to disrupt or completely deny legitimate user’s access to network, servers, services, or other resources • Two basic favors: – Target resource starvation – Network bandwidth consumption 2

  3. 3 Resource Starvation

  4. Land Attack 1 • Targeting MS Windows NT 4.0 boxes pre-SP4 • Port 135 • It appears as if one RPC server sent bad data to another RPC server – A loop of REJECT packet 4

  5. Land Attack 2 - Snork • Against MS Windows NT 4.0 boxes • Allows an attacker with minimal resources to cause a remote NT system to consume 100% CPU usage 5 • http://www.securityfocus.com/bid/2234

  6. 6 WinNuke Attack

  7. WinNuke Attack – Con’t • CVE-1999-0153 • This attack attempts to connect to one of three NetBIOS ports (137-139), and send an out of band (OOB) nuke. • The exploit consists of setting the PSH-URG flag but not following it with data – When Windows NT is successfully attacked, it crashes 7

  8. One Dangerous Packet • IP version 0 and an IP header length of 0 • Kill certain processes that listen promiscuously on a network 8

  9. Telnet DoS Attack • A DoS attack against old SunOS and Solaris systems • Flooding the victim’s daemon with ctrl-D characters (0x04) • Target cannot cleanly close the connection with a FIN packet, and resorts to sending RST packets • When the attack stops, the target machine slowly returns to normal 9

  10. 10 Telnet DoS Attack – Con’t

  11. 11 Telnet DoS Attack – Con’t

  12. 12 Bandwidth Consumption

  13. 13 Smurf Attack

  14. 14 Smurf Attack – Con’t

  15. Smurf Attack • Two main components – Forged ICMP echo request packets – The direction of packets to IP broadcast address • Amplification attack – One packet generates many responses • Three parties: – The attacker – The intermediary – The victim 15

  16. 16 Looping Attacks – Echo-Chargen Loop

  17. Echo-Chargen Loop • When UDP port 7 (echo port) receives a packet, it checks the payload and then echoes the payload back to the source • When UDP port 19 (character generator port) receives a packet, it replies with a somewhat random string of characters • CVE-1999-0103 17

  18. 18 Spoofed DNS Queries – DoomDNS Attack

  19. DoomDNS Attack • DoomDNS sends odd queries to BIND servers that can elicit many responses from the server • It is possible to flood someone by sending a spoofed UDP QUERY to the DNS – A DNS query of just a few bytes (20-30) can achieve responses of around 400-500 bytes 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Denial of Service attacks Markus Peuhkuri 2005-04-12 Lecture topics Types of denial of service

Denial of Service attacks Markus Peuhkuri 2005-04-12 Lecture topics Types of denial of service

Denial of Service attacks Markus Peuhkuri 2005-04-12 Lecture topics Types of denial of service How to mitigate attacks How to find out senders What is Denial of Service

542 views • 8 slides
Denial of Service Last Class Fault tolerance Concurrency Naming This Class

Denial of Service Last Class Fault tolerance Concurrency Naming This Class

Denial of Service Last Class Fault tolerance Concurrency Naming This Class Networking How DDoS works UDP Data Client Server Response TCP DDoS Distributed denial-of-service attack Attacker targets a victim from a

436 views • 28 slides
Denial-of-Service (DoS) CS 161: Computer Security Prof. David Wagner March 5, 2013 Attacks on

Denial-of-Service (DoS) CS 161: Computer Security Prof. David Wagner March 5, 2013 Attacks on

Denial-of-Service (DoS) CS 161: Computer Security Prof. David Wagner March 5, 2013 Attacks on Availability Denial-of-Service (DoS): preventing legitimate users from using a computing service We do though need to consider our threat model

1.09k views • 42 slides
Denial-of-Service (DoS), continued CS 161: Computer Security Prof. David Wagner April 4, 2016

Denial-of-Service (DoS), continued CS 161: Computer Security Prof. David Wagner April 4, 2016

Denial-of-Service (DoS), continued CS 161: Computer Security Prof. David Wagner April 4, 2016 Transport-Level Denial-of-Service Recall TCPs 3-way connection establishment handshake Goal: agree on initial sequence numbers Server Client

530 views • 40 slides
Countering SYN Flood Denial-of-Service (DoS) Attacks Ross Oliver Tech Mavens

Countering SYN Flood Denial-of-Service (DoS) Attacks Ross Oliver Tech Mavens

Countering SYN Flood Denial-of-Service (DoS) Attacks Ross Oliver Tech Mavens reo@tech-mavens.com What is a Denial-of- Service (DoS) attack? ! Attacker generates unusually large volume of requests, overwhelming your servers ! Legitimate

493 views • 27 slides
Denial of Service Attacks Types, Causes, Motives & Remedies By M. Raza ur Rehman NUST

Denial of Service Attacks Types, Causes, Motives & Remedies By M. Raza ur Rehman NUST

Denial of Service Attacks Types, Causes, Motives & Remedies By M. Raza ur Rehman NUST PAKCON 2004 Denial of Service Attacks Attempts to prevent or disturb legitimate access to co mputer resources Resources like bandwidth, services

557 views • 18 slides
Denial of Service A/acks Cunsheng Ding Department of CSE HKUST, Hong Kong Acknowledgements:

Denial of Service A/acks Cunsheng Ding Department of CSE HKUST, Hong Kong Acknowledgements:

Denial of Service A/acks Cunsheng Ding Department of CSE HKUST, Hong Kong Acknowledgements: Materials are taken from the Internet COMP4631 1 Agenda of this lecture Zombie computers, bots, botnets Denial of service (DoS) a/acks

630 views • 45 slides
CSE 543 - Computer Security Lecture 22 - Denial of Service November 15, 2007 URL:

CSE 543 - Computer Security Lecture 22 - Denial of Service November 15, 2007 URL:

CSE 543 - Computer Security Lecture 22 - Denial of Service November 15, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger 1 Denial of Service Intentional prevention

663 views • 25 slides
Denial of Service Attacks that prevent legitimate users from doing their work By flooding

Denial of Service Attacks that prevent legitimate users from doing their work By flooding

Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing tables Or flooding routers Or destroying key packets Lecture 9 Page 1 CS 236 Online How Do Denial of

259 views • 15 slides
Automated Detection of Guessing and Denial of Service Attacks in Security Protocols Marius Minea

Automated Detection of Guessing and Denial of Service Attacks in Security Protocols Marius Minea

Automated Detection of Guessing and Denial of Service Attacks in Security Protocols Marius Minea Politehnica University of Timi soara CMACS seminar, CMU, 18 March 2010 In this talk Formalizing attacks on protocols denial of service by

732 views • 45 slides
A study of denial of service attacks on the Internet David J. Marchette marchettedj@nswc.navy.mil

A study of denial of service attacks on the Internet David J. Marchette marchettedj@nswc.navy.mil

A study of denial of service attacks on the Internet David J. Marchette marchettedj@nswc.navy.mil Naval Surface Warfare Center Code B10 < > - + A study of denial of service attacks on the Internet p.1/39 Outline Background

761 views • 54 slides
Using A Cost-Based Framework For Analyzing Denial Of Service Presented By: Joan Paul A

Using A Cost-Based Framework For Analyzing Denial Of Service Presented By: Joan Paul A

Using A Cost-Based Framework For Analyzing Denial Of Service Presented By: Joan Paul A Cost-Based Framework for Analysis of Denial of Service in Networks Catherine Meadows (2001) Analyzing DoS-Resistance of Protocols Using a

287 views • 28 slides
Computer Security Buffer Overflows Denial of Service MIE456 Joseph Kong Overview Program

Computer Security Buffer Overflows Denial of Service MIE456 Joseph Kong Overview Program

Computer Security Buffer Overflows Denial of Service MIE456 Joseph Kong Overview Program Exploitation Buffer Overflows Memory Declaration Smashing The Stack TCP/IP Three Way Handshake Denial of Service SYN Flooding

403 views • 13 slides
Distributed Denial of Service Attacks & Defenses Guest Lecture by: Vamsi Kambhampati Fall

Distributed Denial of Service Attacks & Defenses Guest Lecture by: Vamsi Kambhampati Fall

Distributed Denial of Service Attacks & Defenses Guest Lecture by: Vamsi Kambhampati Fall 2011 Distributed Denial of Service (DDoS) Exhaust resources of a target, or the resources it depends on Resources: CPU, Memory, Bandwidth

427 views • 23 slides
ECE590 Computer and Information Security Fall 2018 Denial of Service Attacks Tyler Bletsch

ECE590 Computer and Information Security Fall 2018 Denial of Service Attacks Tyler Bletsch

ECE590 Computer and Information Security Fall 2018 Denial of Service Attacks Tyler Bletsch Duke University Denial-of-Service (DoS) Attack The NIST Computer Security Incident Handling Guide defines a DoS attack as: An action that

565 views • 28 slides
Computer and Information Security Fall 2019 Denial of Service Attacks Tyler Bletsch Duke

Computer and Information Security Fall 2019 Denial of Service Attacks Tyler Bletsch Duke

ECE590 Computer and Information Security Fall 2019 Denial of Service Attacks Tyler Bletsch Duke University Denial-of-Service (DoS) Attack The NIST Computer Security Incident Handling Guide defines a DoS attack as: An action that

314 views • 28 slides
Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1

Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1

Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1 Slide 7-1 Outline Goals Deadlock Denial of service Constraint-based model State-based model Networks and flooding

971 views • 63 slides
Network Security: Network Flooding Seungwon Shin, KAIST Most slides from Dr. Dan Boneh and

Network Security: Network Flooding Seungwon Shin, KAIST Most slides from Dr. Dan Boneh and

Network Security: Network Flooding Seungwon Shin, KAIST Most slides from Dr. Dan Boneh and Darren Anstee What is a Denial of Service Attack? Goal take out a large site with little computing work Network Bandwidth Computing Power Processor

694 views • 31 slides
A Brief History of the World 1 CEN-5079: 11.April.2019 Network Security Lecture 10 2

A Brief History of the World 1 CEN-5079: 11.April.2019 Network Security Lecture 10 2

A Brief History of the World 1 CEN-5079: 11.April.2019 Network Security Lecture 10 2 CEN-5079: 11.April.2019 Why and Who Attack Networks ? Challenge : Hackers Money : Espionage Money : Organized Crime Ideology :

728 views • 57 slides
Security Middleware for Distributed applications Professor : Sophie Chabridon Ma Siqi Shalini

Security Middleware for Distributed applications Professor : Sophie Chabridon Ma Siqi Shalini

Security Middleware for Distributed applications Professor : Sophie Chabridon Ma Siqi Shalini Nagar 1 CONTENTS Security Characterizing Security General Scenario Tactics for Security A Design Checklist for Security Summary 2 01

487 views • 25 slides
INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is security? Why is it so hard to achieve? Administrative The security mindset Analyzing a systems security 1. Summarize the system 2.

801 views • 43 slides
DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How

DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How

DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How DDoS works UDP Data Client Server Response TCP DDoS Distributed denial-of-service attack Attacker targets a victim from a number of

356 views • 22 slides
Introduction to Computer Security Session 2.2 Denial of Service Prof. Nadim Kobeissi 2.2a

Introduction to Computer Security Session 2.2 Denial of Service Prof. Nadim Kobeissi 2.2a

CSCI-UA.9480 Introduction to Computer Security Session 2.2 Denial of Service Prof. Nadim Kobeissi 2.2a Defining Denial of Service 2 CSCI-UA.9480: Introduction to Computer Security Nadim Kobeissi What is a Denial of Service attack? An

920 views • 23 slides
Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad

Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad

Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad Naveed Aman, Biplab Sikdar by Uzair Javaid National University of Singapore, Singapore Cryblock , MobiSys 18, Munich, Germany Dated: June 15,

404 views • 15 slides

More recommend