ANIL ANTONY
SEMESTER 8
ELECTRONICS AND COMMUNICATION ENGINEERING
DDoS - Introduction
• Although the Internet has made our lives simpler, the virtual world is not as safe as we think it is.
• Attacks on privacy, property or data can happen at any time to anyone.
• DDoS is one such feared attack, which mainly targets companies or institutions that use online services for their customers.
• Some of the infamous DDoS attacks include:
  ◦ In February 2000, Yahoo! experienced one of the first major DDoS flooding attacks, which kept the company's services off the Internet for about 2 hours, incurring a significant loss in advertising revenue.
  ◦ The attacks against major government, news media and financial websites in South Korea and the United States in July 2009.
  ◦ The DDoS flooding attacks on organizations such as Mastercard.com, PayPal and Visa.com, orchestrated by a group calling themselves "Anonymous", in December 2010.
What is DDoS?
• The concept of DDoS can be explained using an example as follows.
Phases in a DDoS attack
STEP 1:
Recruiting of slave/zombie machines,
e.g. using pirated software, unknown links, untrusted sites etc.
When a computer has become a zombie, it has the code to infect other computers to which it is connected.
STEP 2:
Discovering the vulnerability of the target (using small-scale attacks before the actual attack).
This is done to check whether the target has taken any precautionary measures or not.
STEP 3:
Sending the attack instructions to the slaves.
This is usually done using IRC (Internet Relay Chat) or other forms of communication between the attacker, i.e. the maker of the botnet, and the virus which is present in a zombie computer.
STEP 4:
ATTACK
On getting the instruction to attack, all the zombie computers start sending messages simultaneously and continuously to the target server. The server tries to reply to all requests, but after some time it gets overpowered and crashes.
AFTEREFFECT
After a website's server has been hit by a DDoS attack, all the legitimate users who want to use the website are denied access to it and see a timeout error as follows.
Why are DDoS attacks done?
Some of the reasons for a DDoS attack are:
• Financial/economic gain
Hackers in this case are hired by one company to attack its opponent.
• Revenge
Performed by an individual for an injustice he had suffered.
• For fun or to show off
• Cyberwarfare (organised by terrorist groups or by one country against another)
etc.
TYPES OF DDOS ATTACKS
1. SMURF ATTACK
Before this we must know some basic terms.
1) Router
A switching device to which all the devices in a network are connected and which has a specific address called the broadcast address.
2) Broadcast address
A broadcast address is an address at which all the devices connected to a network are enabled to receive packets. A message sent to a broadcast address is typically received by all network-attached hosts, rather than by a specific host.
3) IP address spoofing
In computer networking, IP address spoofing or IP spoofing is the creation of Internet Protocol (IP) packets with a fake source IP address, with the purpose of concealing the identity of the sender or impersonating another computing system.
4) ICMP messages
These are the messages which are sent to detect the status of a network. When ICMP messages are sent to the broadcast address of a network, the devices connected to this network send back ICMP reply messages to the IP address which had sent them the ICMP messages.
Different phases of attack:
1. The IP address of the victim is obtained by the attacking computer.
2. Using this spoofed IP address, the attacker sends ICMP messages to a network's broadcast address.
3. All the devices in this network get these ICMP messages and send back ICMP replies to the IP address of the victim.
4. The victim gets flooded with packets coming from all these zombies and crashes.
Steps to protect against smurf attacks
• Configure the router not to contact all the devices connected to its network when an ICMP message arrives at its broadcast address.
• Set up a firewall to filter unwanted messages.
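The router-side rule above, as an added example that is not part of the original slides: a filter that refuses to fan out ICMP echo requests addressed to a subnet's broadcast address. The subnets, the packet tuples and the function names are constructed for illustration.

```python
import ipaddress

ICMP_ECHO_REQUEST = 8  # ICMP type of an echo request ("ping")

# Constructed sample: subnets attached to the router in this example.
LOCAL_SUBNETS = [
    ipaddress.ip_network("192.0.2.0/24"),
    ipaddress.ip_network("198.51.100.0/31"),  # point-to-point link
]
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def broadcast_addresses(subnets):
    """Return the directed-broadcast addresses of the given subnets.

    /31 and /32 networks have no broadcast address, although the ipaddress
    module still reports their last address as one, so they are skipped.
    """
    return {net.broadcast_address for net in subnets if net.prefixlen < 31}


def should_drop(dst_ip, icmp_type, subnets=LOCAL_SUBNETS):
    """True if the packet is an echo request aimed at a broadcast address."""
    if icmp_type != ICMP_ECHO_REQUEST:
        return False
    dst = ipaddress.ip_address(dst_ip)
    return dst == LIMITED_BROADCAST or dst in broadcast_addresses(subnets)


def filter_packets(packets, subnets=LOCAL_SUBNETS):
    """Split (src, dst, icmp_type) tuples into forwarded and dropped lists."""
    forwarded, dropped = [], []
    for pkt in packets:
        target = dropped if should_drop(pkt[1], pkt[2], subnets) else forwarded
        target.append(pkt)
    return forwarded, dropped


# Constructed sample traffic: (source, destination, ICMP type).
SAMPLE_PACKETS = [
    ("203.0.113.7", "192.0.2.255", 8),   # echo request to the /24 broadcast
    ("203.0.113.7", "192.0.2.10", 8),    # ordinary ping to a single host
    ("203.0.113.7", "198.51.100.1", 8),  # last address of a /31 is a host
    ("192.0.2.10", "203.0.113.7", 0),    # echo reply, left alone
]

if __name__ == "__main__":
    fwd, drp = filter_packets(SAMPLE_PACKETS)
    print("forwarded:", fwd)
    print("dropped:  ", drp)
```
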
2. TCP SYN/ACK ATTACK
Before explaining this attack, some basic terms should be understood.
1) TCP or Transmission Control Protocol
It is a set of rules, or protocol, which is needed for sending packets from one device to another. For a system to send data packets to another system, the following procedure must take place initially.
Different phases of attack:
1. The attacker obtains the IP addresses of various systems.
2. Impersonating these systems, the attacker sends a number of SYN requests; a SYN is the first signal to be sent for establishing a TCP connection with a 3-way handshake.
3. On receiving the SYN requests, the server which holds the website replies with a TCP SYN/ACK and waits to receive the ACK signal from the IP address which had been spoofed by the attacker.
4. The server thus wastes its resources and bandwidth while it waits for the ACK signal to be received.
Steps to protect against TCP/ACK attacks
1) Decrease the TCP connection timeout on the victim server, so that the server waits only a short time and stops waiting for the TCP ACK signal after that time.
2) Use a firewall as an intermediary between the attacker and the server.
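Why a shorter timeout helps, as an added example that is not part of the original slides: a small offline model of the server's table of half-open connections. The capacity, rates and timeouts are constructed values, and the model assumes one legitimate client per second whose handshake completes at once.

```python
from collections import deque

# Constructed parameters for the model.
BACKLOG_CAPACITY = 128   # half-open connections the server can hold
SPOOFED_PER_SEC = 10     # SYNs per second whose ACK never arrives
DURATION_SEC = 120       # length of the simulated period


def simulate_backlog(capacity, timeout, spoofed_per_sec, duration):
    """Return (legit_accepted, legit_refused) for one simulated run.

    Every spoofed SYN occupies a slot until `timeout` seconds pass, because
    the final ACK of the handshake never arrives. A legitimate SYN is refused
    when no slot is free at the moment it arrives.
    """
    half_open = deque()  # expiry times of half-open entries, oldest first
    accepted = refused = 0
    for now in range(duration):
        # Give up on entries that have waited longer than the timeout.
        while half_open and half_open[0] <= now:
            half_open.popleft()
        # Spoofed SYNs take whatever slots are still free.
        for _ in range(spoofed_per_sec):
            if len(half_open) < capacity:
                half_open.append(now + timeout)
        # One legitimate client per second; it needs a free slot only briefly.
        if len(half_open) < capacity:
            accepted += 1
        else:
            refused += 1
    return accepted, refused


def compare_timeouts(timeouts):
    """Run the model once per timeout value and collect the results."""
    return {
        t: simulate_backlog(BACKLOG_CAPACITY, t, SPOOFED_PER_SEC, DURATION_SEC)
        for t in timeouts
    }


if __name__ == "__main__":
    for timeout, (ok, lost) in compare_timeouts([60, 5]).items():
        print(f"timeout={timeout:>2}s accepted={ok} refused={lost}")
```

The table stays usable only while spoofed SYNs per second multiplied by the timeout is below its capacity, which is why the list above also places a firewall in front of the server.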
3. UDP FLOOD ATTACK
Basic terminology used:
1) Ports used for different applications
In a computer network, any computer is identified by its IP address. But if more than one application is running on a computer at the same time, e.g. sending a mail and browsing the web, then a port number is assigned to each of these applications.
e.g. for sending mail, port number 25 is used;
for browsing, port number 80 is used, etc.
In this way each application uses different ports, and ports used for a particular application can't be used for any other application.
WHAT IF A DATA PACKET TO A SYSTEM IS SENT TO A WRONG PORT?
If received on a wrong port, the receiving device rejects the received message and sends back a message called "destination unreachable" to the device which had sent the data packet to the wrong port.
Different phases of attack:
1) As always, the attacker obtains the IP addresses of many devices.
2) He now sends data packets to random ports of the server.
3) The server finds that the data packet was received on the wrong port and tries to notify the sender by sending back a destination unreachable message.
4) Even though the server does this, the continuous flow of data packets to different ports of the server continues; the server has time only to send destination unreachable packets, and it crashes due to overload.
Steps to protect against UDP flood attacks
1) Limit the rate at which destination unreachable messages are sent, or do not send such packets at all.
2) Introduce a firewall before the server to check whether the incoming packets are addressed to the correct port or not. If correct, pass the packet; else reject it.
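Both steps above combined, as an added example that is not part of the original slides: datagrams for open ports are delivered, and replies for closed ports are capped by a token bucket so that a flood cannot make the server spend its time answering. The open ports, the rate and the event list are constructed; times are integer milliseconds so the arithmetic is exact.

```python
class UnreachableLimiter:
    """Token bucket capping "destination unreachable" replies per second."""

    COST = 1000  # one reply costs 1000 milli-tokens

    def __init__(self, rate_per_sec, burst):
        self.rate = rate_per_sec              # milli-tokens gained per ms
        self.capacity = burst * self.COST
        self.tokens = self.capacity
        self.last_ms = None

    def allow(self, now_ms):
        """Return True if a reply may be sent at time now_ms."""
        if self.last_ms is not None:
            gained = (now_ms - self.last_ms) * self.rate
            self.tokens = min(self.capacity, self.tokens + gained)
        self.last_ms = now_ms
        if self.tokens >= self.COST:
            self.tokens -= self.COST
            return True
        return False


OPEN_UDP_PORTS = {53, 123}  # constructed: services this server really runs


def handle_datagram(now_ms, dst_port, limiter, open_ports=OPEN_UDP_PORTS):
    """Classify one incoming UDP datagram."""
    if dst_port in open_ports:
        return "deliver"
    if limiter.allow(now_ms):
        return "reply_unreachable"
    return "drop_silently"


def summarize(events, rate_per_sec=2, burst=2):
    """Count the outcomes for a list of (time_ms, dst_port) events."""
    limiter = UnreachableLimiter(rate_per_sec, burst)
    counts = {"deliver": 0, "reply_unreachable": 0, "drop_silently": 0}
    for now_ms, port in events:
        counts[handle_datagram(now_ms, port, limiter)] += 1
    return counts


def build_sample_events():
    """Constructed traffic: 3 seconds of datagrams to closed ports, one per
    millisecond, mixed with three datagrams for the open port 53."""
    events = [(ms, 40000 + ms % 100) for ms in range(3000)]
    events += [(500, 53), (1500, 53), (2500, 53)]
    return sorted(events)


if __name__ == "__main__":
    print(summarize(build_sample_events()))
```
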
4. DNS DDoS ATTACK
Basic terminology used:
1) DNS or Domain Name System server:
Each and every hostname, say www.fb.com, is stored in a server, and each server has an IP address associated with it. The actual hostname can't be used by a machine. For a website's address to be easily processed, we represent it as an IP address. A DNS server is a specialised server whose job is to keep a database of hostnames and their corresponding IP addresses, so that when it gets a DNS request it can send the corresponding IP address as a reply.
2) DNS request:
It is the request sent to a DNS server by a web browser. The browser sends a hostname to the DNS server, and the server replies with the corresponding IP address of the hostname.
Phases in attack:
1) The attacker asks the botnet, i.e. the zombies, to send DNS queries for a site, say www.whatever.com, to a DNS server while impersonating the target server. The target server is the server which the attacker tries to destroy.
2) The DNS server thinks that it is the target server which is requesting the pages, and so it sends the requested pages' IP addresses as replies to the target server.
3) The target server is unaware of all this; suddenly it starts receiving a load of DNS replies and crashes.
Steps to protect against DNS DDoS attacks
1) Once you know the IP addresses of the sites which the DNS server is sending to you continuously, it is a simple matter to use your firewall to block traffic from those addresses. This blocking stops further DNS DDoS attacks.
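One way to find the addresses to block, as an added example that is not part of the original slides: on the target, count DNS responses that answer no query the target ever sent, and list the senders that exceed a threshold. The record format, the addresses and the threshold are constructed for illustration.

```python
from collections import Counter


def find_unsolicited_senders(records, threshold=3):
    """Return {peer_ip: count} for peers sending unsolicited DNS responses.

    records: iterable of (direction, peer_ip, transaction_id), where
    direction is "out" for a query we sent and "in" for a response received.
    A response is solicited only if the same peer and transaction id match a
    query that is still waiting for its answer.
    """
    pending = set()
    unsolicited = Counter()
    for direction, peer, txid in records:
        key = (peer, txid)
        if direction == "out":
            pending.add(key)
        elif key in pending:
            pending.discard(key)   # the answer we were waiting for
        else:
            unsolicited[peer] += 1  # nobody here asked for this
    return {ip: n for ip, n in unsolicited.items() if n >= threshold}


def blocklist(records, threshold=3):
    """Sorted list of addresses to hand to the firewall."""
    return sorted(find_unsolicited_senders(records, threshold))


# Constructed sample capture as seen by the target server.
SAMPLE_RECORDS = [
    ("out", "192.0.2.53", 0x1A2B),    # our own query
    ("in", "192.0.2.53", 0x1A2B),     # its answer
    ("in", "198.51.100.5", 0x0001),   # never requested
    ("in", "198.51.100.5", 0x0002),
    ("in", "203.0.113.9", 0x0777),    # single stray response
    ("in", "198.51.100.5", 0x0003),
    ("in", "198.51.100.5", 0x0004),
    ("in", "192.0.2.53", 0x1A2B),     # duplicate of an answered query
]

if __name__ == "__main__":
    print(find_unsolicited_senders(SAMPLE_RECORDS))
    print(blocklist(SAMPLE_RECORDS))
```
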
5. PEER TO PEER ATTACKS
Basic terminology used:
1) Peer-to-peer (P2P) network:
A peer-to-peer (P2P) network is a type of decentralized and distributed network architecture in which individual devices in the network (called "peers") act as both suppliers and consumers of resources, in contrast to the centralized client–server model where client nodes request access to resources provided by central servers.
Different phases in attack:
1) The attacker acts as a "puppet master," instructing clients of large peer-to-peer file sharing networks to disconnect from their peer-to-peer network and to connect to the victim's website instead.
2) Several thousand computers may aggressively try to connect to the target website specified by the attacker for downloading/uploading files.
3) The server gets confused about what is going on with the continuous arrival of requests from several thousand computers and crashes.
Steps to protect against P2P network attacks
1) Have a semi-centralised authority to track large-scale malicious P2P network activity.
2) Update the torrent clients, as most P2P attacks are carried out using computers running old torrent clients whose loopholes haven't been fixed.
Future developments in DDoS
Although present developments are almost adequate for protecting servers and websites against DDoS attacks, newer and newer DDoS techniques are evolving.
This puts us in a position to develop newer, efficient and sophisticated algorithms and methods to counter this rapidly growing threat.
THANK YOU !!!

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 

DDoS ATTACKS

  • 1. ANIL ANTONY SEMESTER 8 ELECTRONICS AND COMMUNICATION ENGINEERING
  • 2. DDoS - Introduction: Although the Internet has made our lives simpler, the virtual world is not as safe as we think it is. Attacks on privacy, property or data can happen at any time to anyone. DDoS is one such feared attack, which mainly targets companies or institutions that use online services for their customers.
  • 3. Some of the infamous DDoS attacks include: in February 2000, Yahoo! experienced one of the first major DDoS flooding attacks, which kept the company's services off the Internet for about 2 hours, incurring a significant loss in advertising revenue; the attacks against major government news media and financial websites in South Korea and the United States in July 2009; the DDoS flooding attacks on organizations such as Mastercard.com, PayPal and Visa.com, orchestrated by a group calling themselves "Anonymous" in December 2010.
  • 4. What is DDoS? The concept of DDoS can be explained using an example as follows.
  • 5. Phases in a DDoS attack. STEP 1: Recruiting of slave/zombie machines, e.g. using pirated software, unknown links, untrusted sites etc. When a computer has become a zombie, it has the code to infect other computers to which it is connected. STEP 2: Discovering the vulnerability of the target (using small-scale attacks before the actual attack). This is done to check whether the target has taken any precautionary measures or not.
  • 6. STEP 3: Sending the attack instructions to the slaves. This is usually done using IRC (Internet Relay Chat) or other forms of communication between the attacker, i.e. the maker of the botnet, and the virus present in a zombie computer. STEP 4: ATTACK. On getting the instruction to attack, all the zombie computers start sending messages simultaneously and continuously to the target server. The server tries to reply to all requests, but after some time it is overpowered and crashes.
  • 7. AFTEREFFECT: After a website's server has been hit by a DDoS attack, all the legitimate users who want to use the website are denied access to it and see a timeout error as follows.
  • 8. Why are DDoS attacks done? Some of the reasons for a DDoS attack are: Financial/economic gain (hackers in this case are hired by one company to attack its opponent); Revenge (performed by an individual for an injustice he has suffered); For fun or to show off; Cyberwarfare (organised by terrorist groups or by one country against another), etc.
  • 9. TYPES OF DDOS ATTACKS
  • 10. 1. SMURF ATTACK. Before this we must know some basic terms. 1) Router: a switching device to which all the devices in a network are connected, and which has a specific address called the broadcast address. 2) Broadcast address: an address at which all the devices connected to a network are enabled to receive packets. A message sent to a broadcast address is typically received by all network-attached hosts, rather than by a specific host.
  • 11. 3) IP address spoofing: In computer networking, IP address spoofing or IP spoofing is the creation of Internet Protocol (IP) packets with a fake source IP address, with the purpose of concealing the identity of the sender or impersonating another computing system. 4) ICMP messages: These are messages sent to detect the status of a network. ICMP messages are sent to the broadcast address of a network, and after receiving such a message the devices connected to this network send back ICMP reply messages to the IP address which had sent them the ICMP messages.
  • 12. Different phases of attack: 1. The IP address of the victim is obtained by the attacking computer. 2. Using this spoofed IP address, the attacker sends ICMP messages to a network's broadcast address. 3. All the devices in this network get these ICMP messages and send back ICMP replies to the IP address of the victim. 4. The victim gets flooded with packets coming from all these zombies and crashes.
  • 14. Steps to protect against smurf attacks: Configure the router not to contact all the devices connected to its network when an ICMP message arrives at its broadcast address. Set up a firewall to filter unwanted messages.
  • 15. 2. TCP SYN/ACK ATTACK. Before explaining this attack, some basic terms should be understood. 1) TCP or Transmission Control Protocol: a set of rules, or protocol, needed for sending packets from one device to another. For a system to send data packets to another system, the following procedure must take place initially.
  • 17. Different phases of attack: 1. The attacker obtains the IP addresses of various systems. 2. Impersonating these systems, the attacker sends a number of SYN requests; SYN is the first signal sent when establishing a TCP connection with a 3-way handshake. 3. On receiving the SYN requests, the server which holds the website replies with a TCP SYN/ACK and waits for the ACK signal from the IP address which had been spoofed by the attacker. 4. The server thus wastes its resources and bandwidth while it waits for the ACK signal to be received.
  • 19. Steps to protect against TCP SYN/ACK attacks: 1) Decrease the TCP connection timeout on the victim server, so that the server waits only a short time for the TCP ACK signal and then stops waiting. 2) Use a firewall as an intermediary between the attacker and the server.
  • 20. 3. UDP FLOOD ATTACK. Basic terminology used: 1) Ports used for different applications: In a computer network, any computer is identified by its IP address. But if more than one application is running on a computer at the same time, e.g. sending mail and browsing the web, then a port number is assigned to each of these applications; e.g. port number 25 is used for sending mail, port number 80 is used for browsing, etc.
  • 21. In this way each application uses a different port, and a port used for a particular application can't be used for any other application. WHAT IF A DATA PACKET IS SENT TO A WRONG PORT ON A SYSTEM? If received on a wrong port, the receiving device rejects the message and sends back a message called "destination unreachable" to the device which had sent the data packet to the wrong port.
  • 22. Different phases of attack: 1) As always, the attacker obtains the IP addresses of many devices. 2) He now sends data packets to random ports of the server. 3) The server finds that the data packet was received on the wrong port and tries to notify the sender by sending back a destination unreachable message. 4) Even though the server does this, the continuous flow of data packets to different ports of the server continues; the server only has time to send destination unreachable packets and crashes due to overload.
  • 24. Steps to protect against UDP flood attacks: 1) Limit the rate at which destination unreachable messages are sent, or do not send such packets at all. 2) Introduce a firewall before the server to check whether incoming packets are addressed to the correct port. If correct, pass the packet; otherwise reject it.
  • 25. 4. DNS DDoS ATTACK. Basic terminology used: 1) DNS or Domain Name System server: Each and every hostname, say www.fb.com, is stored on a server, and each server has an IP address associated with it. The actual hostname can't be used by a machine. For a website's address to be easily processed, we represent it as an IP address. A DNS server is a specialised server whose job is to keep a database of hostnames and their corresponding IP addresses, so that when it gets a DNS request it can send the corresponding IP address as the reply.
  • 26. 2) DNS request: the request sent to a DNS server by a web browser. The browser sends a hostname to the DNS server and the server replies with the corresponding IP address of the hostname.
  • 27. Phases in attack: 1) The attacker asks the botnet, i.e. the zombies, to send DNS queries for a site, say www.whatever.com, to a DNS server, with the zombies impersonating the target server. The target server is the server which the attacker tries to destroy. 2) The DNS server thinks that it is the target server which is making the requests, and so it sends the requested IP addresses as replies to the target server. 3) The target server is unaware of all this; it suddenly starts receiving a load of DNS replies and crashes.
  • 29. Steps to protect against DNS DDoS attacks 1) Once you know the IP addresses of the sites which the DNS server is sending to you continuously, it is a simple matter to use your firewall to block traffic from those addresses. This blocking stops further DNS DDoS attacks.
  • 30. 5. PEER TO PEER ATTACKS. Basic terminology used: 1) Peer-to-peer (P2P) network: A peer-to-peer (P2P) network is a type of decentralized and distributed network architecture in which individual devices in the network (called "peers") act as both suppliers and consumers of resources, in contrast to the centralized client–server model where client nodes request access to resources provided by central servers.
  • 31. Different phases in attack: 1) The attacker acts as a "puppet master," instructing clients of large peer-to-peer file sharing networks to disconnect from their peer-to-peer network and to connect to the victim's website instead. 2) Several thousand computers may aggressively try to connect to the target website specified by the attacker for downloading/uploading files. 3) The server gets confused by the continuous arrival of requests from several thousand computers and crashes.
  • 33. Steps to protect against P2P network attacks 1) To have a semi centralised authority to track large scale malicious P2P network activity. 2) Update the torrent clients as most of the P2P attacks are done using those computers running old torrent clients whose loopholes hadn't been fixed.
  • 34. Future developments in DDoS Although present developments are almost adequate for protecting servers and websites against DDoS attacks, newer and newer DDoS techniques are evolving. This puts us in a position to develop newer, efficient and sophisticated algorithms and methods to counter this rapidly growing threat.
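
The effect of the timeout advice on slide 19 can be seen by replaying the half-open connections of slide 17 against a fixed-size queue. This is an added example, not part of the original slides; the backlog size of 128, the 100 ms round trip and the traffic mix are constructed assumptions, and the model covers only the timeout, not any other server defence.

```python
import heapq

RTT_MS = 100  # assumed time for a real client to return the final ACK

def replay(events, backlog_size, syn_timeout_ms):
    """Replay (time_ms, kind) SYN arrivals against a fixed-size half-open queue.

    kind is "legit" (ACK arrives after RTT_MS) or "spoofed" (ACK never
    arrives, so the entry is held until syn_timeout_ms has passed).
    """
    leave_at = []  # min-heap: time at which each half-open entry is freed
    stats = {"legit_ok": 0, "legit_dropped": 0,
             "spoofed_held": 0, "spoofed_dropped": 0}
    for t, kind in sorted(events):
        while leave_at and leave_at[0] <= t:   # free completed/expired slots
            heapq.heappop(leave_at)
        if len(leave_at) >= backlog_size:      # queue full: SYN is discarded
            stats[kind + "_dropped"] += 1
            continue
        hold = RTT_MS if kind == "legit" else syn_timeout_ms
        heapq.heappush(leave_at, t + hold)
        stats["legit_ok" if kind == "legit" else "spoofed_held"] += 1
    return stats

def constructed_traffic():
    """Constructed sample: 60 s of 50 spoofed SYN/s plus 1 real client/s."""
    spoofed = [(20 * i, "spoofed") for i in range(3000)]
    legit = [(1000 * k + 510, "legit") for k in range(60)]
    return spoofed + legit

if __name__ == "__main__":
    traffic = constructed_traffic()
    print("75 s timeout:", replay(traffic, 128, 75_000))
    print(" 2 s timeout:", replay(traffic, 128, 2_000))
```

The short timeout helps only while the spoofed rate multiplied by the timeout stays below the backlog size (here 50/s × 2 s = 100 entries against 128 slots); a faster flood fills the queue again.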
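
Slide 29 blocks the addresses that keep sending DNS replies; one way to find them is to match every incoming reply against the queries the server itself sent, since the replies described on slide 27 answer queries the victim never made. This is an added example, not part of the original slides; the event format, the threshold and the documentation-range addresses are constructed assumptions.

```python
from collections import Counter

def find_reflectors(events, threshold):
    """Return source IPs that sent >= threshold DNS replies nobody asked for.

    events: (direction, peer_ip, txid) tuples seen at the protected server,
    direction being "query_out" or "response_in".
    """
    pending = set()            # (resolver_ip, txid) of queries we really sent
    unsolicited = Counter()    # reply count per source with no matching query
    for direction, peer, txid in events:
        if direction == "query_out":
            pending.add((peer, txid))
        elif direction == "response_in":
            if (peer, txid) in pending:
                pending.remove((peer, txid))   # answered: one reply per query
            else:
                unsolicited[peer] += 1
    # Candidates for the firewall block list, in a stable order.
    return sorted(ip for ip, n in unsolicited.items() if n >= threshold)

def constructed_events():
    """Constructed sample using documentation-range addresses."""
    events = [("query_out", "192.0.2.53", 0x1A2B),
              ("response_in", "192.0.2.53", 0x1A2B),   # normal lookup
              ("response_in", "192.0.2.53", 0x1A2B)]   # one stray duplicate
    events += [("response_in", "198.51.100.10", 0x4000 + i) for i in range(5)]
    events += [("response_in", "203.0.113.7", 0x5000 + i) for i in range(4)]
    return events

if __name__ == "__main__":
    print(find_reflectors(constructed_events(), threshold=3))
```

The threshold keeps the server's own resolver (one stray duplicate reply in the sample) off the block list while the two sources sending repeated unsolicited replies are reported.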