Preparing For DDoS And Botnet Attacks


Published on

Distributed denial of service (DDoS) attacks have become an enormous risk, shutting down businesses, halting bank transactions and disrupting government communications. This past summer, DDoS attacks were rampant, most notably in July, when cyber attacks, created with the help of botnets, targeted a number of government, news media and financial Web sites in South Korea and the United States. Just a month later, several social networking services, including Twitter, Facebook and Google, were struck with DDoS attacks, crippling services for hours.

As DDoS and botnet attacks have become more frequent and damaging, it has become more important to test network equipment and application servers with these same attacks in mind. Only through realistic attack simulation can you determine how equipment and the network will respond under attack.

The “BreakingPoint DDoS and Botnet Test Methodology” replicates a variety of attacks to help users find their network weaknesses before others do. Such attacks include the following:
DDoS attacks designed to consume all available bandwidth, all disk space or all available CPU cycles

DDoS attacks designed to disrupt important information flow such as routing tables by injecting false routes, thus causing packets to be misrouted

DDoS attacks designed to break the physical layer of the network and obstruct the communication between the end point and the user

Botnet attacks designed to send large quantities of unsolicited e-mail to trigger Delivery Server Notifications to spoofed originating email addresses

Published in: Technology, News & Politics
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Preparing For DDoS And Botnet Attacks

  1. 1. Preparing for DDoS and Botnet Attacks BreakingPoint Webcast and Test Methodology 11/05/09
  2. 2. Introductions <ul><li>Dennis Cox, Chief Technology Officer and co-founder </li></ul><ul><li>Tod Beardsley, Security Researcher </li></ul><ul><li>Dustin D. Trammell, Security Researcher </li></ul><ul><li> </li></ul><ul><li> </li></ul>
  3. 3. Topic 1: DDoS/Botnets Now Imminent? <ul><li>Summer 2009 saw DDoS and botnet attacks against high-profile government and financial websites, not to mention social networks. Is this a trend or an isolated uptick? </li></ul><ul><li>How many DDoS attacks are we NOT hearing about? </li></ul><ul><li>Should we all simply expect these attacks in the future? </li></ul><ul><li>How heavy is the actual damage? </li></ul>
  4. 4. Topic 2: Getting Better or Getting Worse? <ul><li>Are we seeing more sophisticated attacks, or simply more attacks? </li></ul><ul><li>Does lack of regulation throughout the industry make the penalty for malicious DDoS attacks minimal? </li></ul><ul><li>Many high-profile vulnerabilities being patched lately are related to DDoS. Is it getting worse? </li></ul><ul><li>What will it take to see some movement in stopping, or at least slowing down, DDoS and botnets? </li></ul>
  5. 5. Topic 3: Facing the Enemy <ul><li>What DDoS attacks should you focus on when simulating them during testing? </li></ul><ul><li>DDoS attacks have many flavors, including SYN floods and using botnets. Which should you use? </li></ul><ul><li>If you aren’t necessarily threatened by a malicious DDoS attack should you still prepare? </li></ul>
  6. 6. Five Takeaways <ul><li>Test with session based scenarios. </li></ul><ul><li>Focus on application-based attacks. </li></ul><ul><li>Never forget fuzzing; a crash is a Dos. </li></ul><ul><li>Monitor your logs, CPU and memory usage </li></ul><ul><li>Don’t forget your upstream provider/vendor </li></ul>
  7. 7. DDoS and Botnet Test Methodology <ul><li>Download Here: </li></ul>