Distributed Denial of Service - PowerPoint PPT Presentation

About This Presentation
Title:

Distributed Denial of Service

Description:

First worm: Robert Morris, November 1988. 6-10% of all Internet hosts infected ... Example Worm: Code Red. Initial version: July 13, 2001 ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 11
Provided by: nickf157
Category:

less

Transcript and Presenter's Notes

Title: Distributed Denial of Service


1
(Distributed) Denial of Service
  • Nick FeamsterCS 4251Spring 2008

2
Distributed Denial of Service (DDoS)
Daemon
Master
Daemon
Daemon
Daemon
Daemon
Real Attacker
Victim
Asymmetry comes in the form of a large farm of
machines.IP addresses no longer need to be
spoofed
3
February 2000 DDoS
Traditional protection techniques no longer
applicable.
4
DDoS Attack Yahoo!
  • February 2000
  • Intermittent outages for nearly three hours
  • Estimated to have cost Yahoo 500,000 due to
    fewer page hits during the attack
  • Attacker caught and successfully prosecuted
  • Other companies (eBay, CNN) attacked in the same
    way the following days

5
DDoS Attack Microsoft
  • Target of multiple DDoS attacks
  • Some successful, some not
  • Successful one in January 2001
  • Attacked router in front of Microsofts DNS
    servers
  • During attack, as few as 2 of web page requests
    were being fulfilled

6
DDoS Attack DNS Root Servers
  • October 2002 for 1 hour
  • Ping flood to all 13 of the DNS root servers
  • Successfully halted operations on 9
  • Did not cause major impact on Internet
  • DNS NS record caching at local resolvers helped
  • Several root servers are very well-provisioned

7
DDoS Setting up the Infrastructure
  • Zombies
  • Slow-spreading installations can be difficult to
    detect
  • Can be spread quickly with worms
  • Indirection makes attacker harder to locate
  • No need to spoof IP addresses

8
What is a Worm?
  • Code that replicates and propagates across the
    network
  • Often carries a payload
  • Usually spread via exploiting flaws in open
    services
  • Viruses require user action to spread
  • First worm Robert Morris, November 1988
  • 6-10 of all Internet hosts infected (!)
  • Many more since, but none on that scale until
    July 2001

9
Example Worm Code Red
  • Initial version July 13, 2001
  • Exploited known ISAPI vulnerability in Microsoft
    IIS Web servers
  • 1st through 20th of each month spread20th
    through end of each month attack
  • Payload Web site defacement
  • Scanning Random IP addresses
  • Bug failure to seed random number generator

10
Why Denial-of-Service Works
  • Asymmetry generating a request is cheaper than
    formulating a response
  • One attack machine can generate a lot of
    requests, and effectively multiply its power
  • Not always possible to achieve this asymmetry
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Distributed Denial of Service" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!