focused on two distinct approaches: thwart the attacks at the provider level or stop them at the customer level. focused on two distinct approaches: thwart the attacks at the provider level or stop them at the customer level. Both approaches have failed to achieve uniform success on a consistent basis, and both are quite costly.
Ping of Death - bots create huge electronic packets and sends them on to victimsMailbomb - bots send a massive amount of e-mail, crashing e-mail serversSmurf Attack - bots send Internet Control Message Protocol (ICMP) messages to reflectors, see above illustrationTeardrop - bots send pieces of an illegitimate packet; the victim system tries to recombine the pieces into a packet and crashes as a result
. Microsoft suffered an attack from a DDoS called MyDoom. Crackers have targeted other major Internet players like Amazon, CNN, Yahoo and eBay.
Vince Pillay, CISO at Domestic and General - DDOS Attacks! – A major threat facing organisations today
DDOS Attacks !
A Major threat facing organisations today.
Domestic & General
The techniques used in the past by many
mitigation providers are no longer able to
• Impossible to stop the attack simply by blocking a
single IP address
• Difficult to distinguish legitimate user traffic from
• The cost of an attack can be considerable
• Website offline potentially for days
• Many organisations do not know they are under a
DoS/DDoS attack when it begins
Practically anyone with an Internet
connection can launch their own attack.
Attackers can rent botnets or purchase
relatively cheap tools to launch their
Your ISP will most likely offer DDoS
mitigation but if your traffic grows too
large and starts affecting their other
customers, or if the attack is too
complicated, they may just turn you off.
• Ping of Death
• Smurf Attack
The list of DDoS attack victims includes some pretty major
Do you feel confident that what you have in
place can successfully mitigate an attack?