Denial of Service

1
Denial of Service

• Written and Presented by
• Craig Schweitzer

2
Denial of Service (Summary)

• What is a denial of service (DoS) attack?
• What are the types of DoS attacks?
• What are the solutions to DoS attacks?

3
What is Denial of Service?

• An attack on a network
• Harms or stops network from running
• Not used to gain unauthorized entry, just to mess
  it up
• User or organization is deprived of services that
  are usually expected
• Destroy the networks usability and make it
  unable to function properly

4
Types of DoS Attacks

• Physical destruction of network components
• Use of scarce, limited, or non-renewable
  resources
• Destruction or alteration of configuration
  information

5
Physical Destruction of Network Components

• Not very technical
• Easiest type of attack
• More of a security issue
• Can lead to more serious problems than just DoS
  attack
• Occurs when a cable is cut, server is destroyed,
  etc.

6
Consumption of Scarce, Limited, or Non-Renewable
Resources

• SYN Attack
• Buffer Overflow Attack
• Teardrop Attack
• Smurf Attack
• UDB Port DoS
• Bandwidth Consumption
• E-mail Bombing or Spamming

7
Consumption of Scarce, Limited, or Non-Renewable
Resources(Contd)

• Generating errors that must be logged
• Placing files in anonymous ftp areas or network
  shares

8
SYN Attack

• Network connectivity attack
• Begins when TCP is initiated
• Sends many requests to the connection
• Does not respond to reply
• Leaves the initial packet in buffer so that other
  connections cannot be initiated

9
Other Attacks

• Buffer Overflow Attack Sending larger than
  anticipated amount of data
• Teardrop Attack Attacks the weakness of the IP
  address Divides large files into
  fragments Attaches confusing info to a later
  fragment

10
Other Attacks (Contd)

• Smurf Attack IP spoofed packets Floods the
  hosts network
• UDB Port Denial of Service Use your own
  resources against you
• Bandwidth Consumption
• E-mail Bombing or Spamming

11
Alteration or Destruction of Configuration
Information

• Altering routing information
• Altering registry values
• Basically, any outside alteration of any
  significant configuration information

12
Means of Prevention

• The first rule to combating a denial of service
  attack is to plan ahead
• Without an initial plan, your system is wide open
  to imminent doom
• Do a cost benefit analysis on whether it would be
  worth while to secure your system before a
  problem occurs against the down-time due to a DoS
  attack

13
Means of Prevention (Contd)

• After the analysis occurs, implement your system
• Implement router filters to protect against SYN
  Flooding and accidental DoS attacks initiated by
  the users
• Install all available and many times necessary
  patches to protect the network
• Disable any unused or unnecessary network services

14
Prevention while Network is Implemented

• Watch the system carefully
• Make sure there is no substantial irregular
  activity occurring on the network
• Check the network configuration to make sure it
  is implemented properly
• Have a back-up system that can be used in case
  any severe problems occur in the original machine

15
Prevention while Network is Implemented (Contd)

• Make sure your passwords and back-ups are up to
  date so you can easily restart the network from a
  safe start point
• Trace any problem back to the source IP and
  combat these problems through administrative or
  legal actions

16
Summary

• We now understand what a DoS Attack is
• We now know many different types of DoS Attacks
  and a little about what they are meant to do
• We now understand how to combat DoS Attacks from
  harming our network, and know what to do if they
  occur

17
References

• http//whatis.techtarget.com/definition/0,289893,s
  id9_gci213591,00.html
• http//www.isprank.com/glossary/DenialofService.
  html
• http//www.cert.org/tech_tips/denial_of_service.ht
  ml
• http//www.cs.hut.fi/peronen/publications/netsec_
  2000.pdf