DDOS Attack

Published on July 2016 | Categories: Documents | Downloads: 55 | Comments: 0 | Views: 388
of 1
Download PDF   Embed   Report

DDos Description

Comments

Content

What is a DDOS Attack?
In computing, a denial-of-service attack (DoS attack) or distributed denial-ofservice attack (DDoS attack) is an attempt to make a machine or network resource
unavailable to its intended users.
Methods of Attack:
 Consumption of computational resources, such as bandwidth, disk space, or
processor time.
 Disruption of configuration information, such as routing information.
 Disruption of state information, such as unsolicited resetting of TCP
sessions.
 Disruption of physical network components.
 Obstructing the communication media between the intended users and the
victim so that they can no longer communicate adequately.
Prevention
1. Firewalls can be setup to have simple rules such to allow or deny
protocols, ports or IP addresses. This is not a good method, as shutting
down a port of service prevents service reaching legitimate traffic. It is
effective in stopping attacks by one person, or a small group.
2. Switches. This method of Defense is useful in closing half-open
connections, or SYN Floods.
3. Routers These are the most primitive defense and are easily passed by
4. Application front end hardware. This is software that monitors the flow of
traffic (packets) in and out of a system or server. It prioritizes dangerous
packets and can heighten security accordingly.
5. Intrusion Prevention System Very like application front end hardware.
However they apply over an entire network. IPS can take such actions as
sending an alarm, dropping the malicious packets, resetting the connection
and/or blocking the traffic from the offending IP address.
6. DDS based defense This is purpose built software meant to detect
connection based DDoS attacks and stop them. Good at identifying good
content with bad intent.
7. Blackholes All traffic from a detected source (by one of the previous
systems) is sent to a data “blackhole”. This is easily overwhelmed by more
severe attacks.
8. Clean Pipes This is the screening of data before it enters a network or
computer by transportation through proxies or direct circuits. This requires
central connectivity to the internet.

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close