(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008

Upload: amia-caldwell

Post on 27-Mar-2015


(Distributed) Denial of Service

Nick Feamster

CS 4251

Spring 2008

Distributed Denial of Service (DDoS)

[Figure: DDoS architecture diagram with the labels Real Attacker, Master, Daemon (several) and Victim]

Asymmetry comes in the form of a large farm of machines.

IP addresses no longer need to be spoofed.

February 2000: DDoS

Traditional protection techniques no longer applicable.

DDoS Attack: Yahoo!

• February 2000

• Intermittent outages for nearly three hours

• Estimated to have cost Yahoo $500,000 due to fewer page hits during the attack

• Attacker caught and successfully prosecuted

• Other companies (eBay, CNN) were attacked in the same way in the following days

DDoS Attack: Microsoft

• Target of multiple DDoS attacks

• Some successful, some not

• Successful one in January 2001
  – Attacked router in front of Microsoft’s DNS servers
  – During attack, as few as 2% of web page requests were being fulfilled

DDoS Attack: DNS Root Servers

• October 2002 for 1 hour

• Ping flood to all 13 of the DNS root servers

• Successfully halted operations on 9

• Did not cause major impact on Internet
  – DNS NS record caching at local resolvers helped
  – Several root servers are very well-provisioned
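
An added example (not part of the original slides) that models why NS record caching at local resolvers limited the impact of the root-server outage: lookups fail only when the cached record has expired and no root server is reachable. The TTL values, the query stream, the TLD list and the rule that a resolver retries until a live root answers are assumptions made for illustration.

```python
# Added illustration: toy model of a caching resolver during a root-server outage.
ROOT_SERVERS = 13        # from the slide
LONG_TTL = 172_800       # assumption: 2-day TTL on cached TLD NS records
SHORT_TTL = 300          # assumption: hypothetical short TTL for contrast
TLDS = ["com", "net", "org", "edu"]   # constructed sample TLDs

def constructed_queries(duration_s=3 * 3600, step_s=60):
    """Constructed stream: one lookup per minute, cycling through TLDS."""
    return [(t, TLDS[(t // step_s) % len(TLDS)]) for t in range(0, duration_s, step_s)]

def resolve(cache, tld, now, ttl, roots_up):
    """Return (answered, asked_root) for one lookup of a TLD's NS record."""
    if cache.get(tld, -1) > now:
        return True, False           # answered from the cached NS record
    if roots_up == 0:
        return False, True           # cache miss and no root server reachable
    cache[tld] = now + ttl           # assumption: resolver retries until a live root answers
    return True, True

def simulate(queries, ttl, outage, roots_down):
    """Count (failed lookups, lookups that needed a root) inside the outage window."""
    cache, failed, root_lookups = {}, 0, 0
    for now, tld in sorted(queries):
        in_outage = outage[0] <= now < outage[1]
        roots_up = ROOT_SERVERS - roots_down if in_outage else ROOT_SERVERS
        answered, asked_root = resolve(cache, tld, now, ttl, roots_up)
        if in_outage:
            failed += not answered
            root_lookups += asked_root
    return failed, root_lookups

if __name__ == "__main__":
    outage = (3600, 7200)            # 1-hour outage, as on the slide
    for ttl in (LONG_TTL, SHORT_TTL):
        for down in (9, 13):
            print(ttl, down, simulate(constructed_queries(), ttl, outage, down))
```

With the long TTL the resolver never needs a root server during the hour, even if all 13 were down; with the short TTL, 9 of 13 down still causes no failures, and only a total outage does.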

DDoS: Setting up the Infrastructure

• Zombies
  – Slow-spreading installations can be difficult to detect
  – Can be spread quickly with worms

• Indirection makes attacker harder to locate
  – No need to spoof IP addresses

What is a Worm?

• Code that replicates and propagates across the network
  – Often carries a “payload”

• Usually spread via exploiting flaws in open services
  – “Viruses” require user action to spread

• First worm: Robert Morris, November 1988
  – 6-10% of all Internet hosts infected (!)

• Many more since, but none on that scale until July 2001

Example Worm: Code Red

• Initial version: July 13, 2001

• Exploited known ISAPI vulnerability in Microsoft IIS Web servers

• 1st through 20th of each month: spread

• 20th through end of each month: attack

• Payload: Web site defacement

• Scanning: Random IP addresses

• Bug: failure to seed random number generator

Why Denial-of-Service “Works”

• Asymmetry: generating a request is cheaper than formulating a response

• One attack machine can generate a lot of requests, and effectively multiply its power

• Not always possible to achieve this asymmetry