Sign in or 
Share this
DDOS
attacks ddos -->
http://www.csl.sri.com/users/neumann/survivability.html neumanns study about the survivability of a computer network
DDoS Attacks for the Common Man http://www.eweek.com/print_article/0,1761,a=122636,00.asp
http://www.mycert.org.my/network-abuse/dos.htm what is dos attack www.cert.org/archive/pdf/Managing_DoS.pdf Good document about how to cope with DDOS attacks http://www.informit.com/articles/article.asp?p=175930 chapter about DDOS attacks
On January 11th, 2002, the grc.com site was attacked by a new style of extremely potent attack, a distributed REFLECTION denial of service. This 23-page PDF file explains the operation and consequences of this Internet attack. It may be downloaded for offline reading, printing, or sharing http://www.grc.com/files/drdos.pdf
http://www.thecii.org/dos-resistant/meeting-1/summary.html the dos resistant working group
http://www.cs.ucl.ac.uk/staff/M.Handley/papers/dos-arch.pdf steps toward less doss
new kind of ddos attack against machine http://www.securityfocus.com/archive/1/360008/2004-04-07/2004-04-13/1
-->http://msmvps.com/harrywaldron/ one of those dns attacks on akamai : Moreover, there was no suspicious Internet traffic or DNS patterns to suggest that such a massive and distributed attack had taken place, said Craig Labovitz, director of network architecture at Arbor Networks Inc., a Lexington, Mass., provider of DoS mitigation technologies. Arbor's network monitoring tools are installed on several carrier networks around the world. In any case, the event was marked by being a step beyond "simple bandwidth attacks" on individual Web sites to more sophisticated targeting of core upstream Internet routers, DNS servers and bandwidth bottlenecks, according to Labovitz. "It's a fairly scary escalation," Labovitz said. "What we are seeing is a shift away from completely brain-dead attackers to folks who know a little bit about the network topology, trace routes and about where the DNS might live" on a network, he said and that was followed by other ddos attacks against dns servers
now it where the dns servers of .org dns attack on the servers of .org -->
http://news.netcraft.com/archives/2004/06/16/akamai_attack_highlights_threat_from_bot_networks.html The attack was "more sophisticated than we've seen before," said Leighton. "The volume was problematic, and how it was done was problematic. For this nature of attack, it was an unusual volume." While not offering details on the technique involved, he said it was "a step ahead" of known DDoS techniques. The attack targeted the DNS addresses of four large Akamai customers. "It's possible these sites were targeted, and just happened to all be our customers," said Leighton. "But we assume it was an attempt to attack Akamai." http://www.csoonline.com/read/050105/extortion.html how a betting site fought back against ddos extortists
Serverless file systems, exemplified by CFS, Farsite and OceanStore, have received significant attention from both the industry and the research community. These file systems store files on a large collection of untrusted nodes that form an overlay network. They use cryptographic techniques to maintain file confidentiality and integrity from malicious nodes. Unfortunately, cryptographic techniques cannot protect a file holder from a Denial-of-Service (DoS) or a host compromise attack. Hence, most of these distributed file systems are vulnerable to targeted file attacks, where in an adversary attempts to attack a small (chosen) set of files by attacking the nodes that host them http://www.usenix.org/events/sec05/tech/srivatsa.html
SMS DDOS against phone networks
A group of researchers from Penn State say that cell phone networks could eaily be crippled by a denial of service attack through their text messaging, or SMS features. They say that the control channels of the cell networks could be overwhelmed by even a mid-sized bot network. As an example, they hypothesize that it would only take 2.8 Mbps of bandwidth -- a fast cable modem connection -- to saturate the Washington D.C. area's cell network. Read the article about this at http://www.securitypipeline.com/171203837 . The whole paper is at http://www.smsanalysis.org/smsanalysis.pdf.
Tools
Cisco also has added a feature to IOS, known as control plane policing, that, among other things, gives administrators a dedicated management channel into routers, even when the machines are being overwhelmed by DoS attack traffic. And IOS also now includes what Cisco is calling a "transparent firewall," a feature that is designed to simplify the creation of security zones on networks http://www.eweek.com/article2/0,1759,1545804,00.asp A network admin utility for remotely detecting the most common DDoS programs. http://www.foundstone.com/resources/proddesc/ddosping.htm
http://www.softpedia.com/get/Tweak/System-Tweak/TCPIP-Stack-Hardener.shtml This tool tweaks your System and hardenes your systems TCP/IP stack against Denial of service Attacks (DOS) . Tested on XP 2000 and 2003 servers. Does not have any effect on other windows systems
http://www.csl.sri.com/users/neumann/survivability.html neumanns study about the survivability of a computer network
DDoS Attacks for the Common Man http://www.eweek.com/print_article/0,1761,a=122636,00.asp
http://www.mycert.org.my/network-abuse/dos.htm what is dos attack www.cert.org/archive/pdf/Managing_DoS.pdf Good document about how to cope with DDOS attacks http://www.informit.com/articles/article.asp?p=175930 chapter about DDOS attacks
On January 11th, 2002, the grc.com site was attacked by a new style of extremely potent attack, a distributed REFLECTION denial of service. This 23-page PDF file explains the operation and consequences of this Internet attack. It may be downloaded for offline reading, printing, or sharing http://www.grc.com/files/drdos.pdf
http://www.thecii.org/dos-resistant/meeting-1/summary.html the dos resistant working group
http://www.cs.ucl.ac.uk/staff/M.Handley/papers/dos-arch.pdf steps toward less doss
new kind of ddos attack against machine http://www.securityfocus.com/archive/1/360008/2004-04-07/2004-04-13/1
-->http://msmvps.com/harrywaldron/ one of those dns attacks on akamai : Moreover, there was no suspicious Internet traffic or DNS patterns to suggest that such a massive and distributed attack had taken place, said Craig Labovitz, director of network architecture at Arbor Networks Inc., a Lexington, Mass., provider of DoS mitigation technologies. Arbor's network monitoring tools are installed on several carrier networks around the world. In any case, the event was marked by being a step beyond "simple bandwidth attacks" on individual Web sites to more sophisticated targeting of core upstream Internet routers, DNS servers and bandwidth bottlenecks, according to Labovitz. "It's a fairly scary escalation," Labovitz said. "What we are seeing is a shift away from completely brain-dead attackers to folks who know a little bit about the network topology, trace routes and about where the DNS might live" on a network, he said and that was followed by other ddos attacks against dns servers
now it where the dns servers of .org dns attack on the servers of .org -->
http://news.netcraft.com/archives/2004/06/16/akamai_attack_highlights_threat_from_bot_networks.html The attack was "more sophisticated than we've seen before," said Leighton. "The volume was problematic, and how it was done was problematic. For this nature of attack, it was an unusual volume." While not offering details on the technique involved, he said it was "a step ahead" of known DDoS techniques. The attack targeted the DNS addresses of four large Akamai customers. "It's possible these sites were targeted, and just happened to all be our customers," said Leighton. "But we assume it was an attempt to attack Akamai." http://www.csoonline.com/read/050105/extortion.html how a betting site fought back against ddos extortists
Serverless file systems, exemplified by CFS, Farsite and OceanStore, have received significant attention from both the industry and the research community. These file systems store files on a large collection of untrusted nodes that form an overlay network. They use cryptographic techniques to maintain file confidentiality and integrity from malicious nodes. Unfortunately, cryptographic techniques cannot protect a file holder from a Denial-of-Service (DoS) or a host compromise attack. Hence, most of these distributed file systems are vulnerable to targeted file attacks, where in an adversary attempts to attack a small (chosen) set of files by attacking the nodes that host them http://www.usenix.org/events/sec05/tech/srivatsa.html
SMS DDOS against phone networks
A group of researchers from Penn State say that cell phone networks could eaily be crippled by a denial of service attack through their text messaging, or SMS features. They say that the control channels of the cell networks could be overwhelmed by even a mid-sized bot network. As an example, they hypothesize that it would only take 2.8 Mbps of bandwidth -- a fast cable modem connection -- to saturate the Washington D.C. area's cell network. Read the article about this at http://www.securitypipeline.com/171203837 . The whole paper is at http://www.smsanalysis.org/smsanalysis.pdf.
Tools
Cisco also has added a feature to IOS, known as control plane policing, that, among other things, gives administrators a dedicated management channel into routers, even when the machines are being overwhelmed by DoS attack traffic. And IOS also now includes what Cisco is calling a "transparent firewall," a feature that is designed to simplify the creation of security zones on networks http://www.eweek.com/article2/0,1759,1545804,00.asp A network admin utility for remotely detecting the most common DDoS programs. http://www.foundstone.com/resources/proddesc/ddosping.htm
http://www.softpedia.com/get/Tweak/System-Tweak/TCPIP-Stack-Hardener.shtml This tool tweaks your System and hardenes your systems TCP/IP stack against Denial of service Attacks (DOS) . Tested on XP 2000 and 2003 servers. Does not have any effect on other windows systems
|
ekz |
Latest page update: made by ekz
, Jun 22 2006, 4:23 AM EDT
(about this update
About This Update
Edited by ekz
688 words added view changes - complete history) |
|
Keyword tags:
DDoS
More Info: links to this page
|
There are no threads for this page.
Be the first to start a new thread.
