What is DoS?DoS or “Denial of Service” attack is where asingle host attacker attempts to make acomputer resource unavailable by eitherinjecting a computer virus or flooding thenetwork with useless traffic.
What is DDoS?DDoS or “Distributed Denial of Service”attack is a type of tactic used to attack avictim from multiple compromisedcomputers simultaneously. The attackerinstalls a virus or Trojan software oncompromised systems, and uses them toflood a victims network in a way that thevictim’s server cannot handle.
How is DDoS Done?Common Forms of DDoS Attacks Include:Ping of Death is where an attacker sends a ping packet larger than themaximum IP a computer system can handle causing the system to crash.Ping of Flood, where an attacker overwhelms the target’s network withICMP(Internet Control Message Protocol) Echo request packets. This consumesa high amount of bandwidth on low to mid-speed networks down to a crawl.Mail Bomb is when an unauthorized users send a large number of emailmessages with large attachments to a particular mail server, causing the diskspace to become full and results in denied email services to other users.Teardrop Attack creates a stream of IP fragments with their offset fieldoverloaded. The destination host attempts to reassemble the fragments causingit to crash or reboot.
Is DDoS A Real Threat?On Christmas Eve 2012 a DDoS attack on a bank in California resultedin a $900,000 Cyberheist. The cyber attackers used the GameoverTrojan. There were approximately 62 helpers that flooded a company’ssystem allowing the attackers to remotely controle the victims computerwith malware and hide numerous fraudulent bank transfers in amountsranging from $4,000 to $100,000.http://krebsonsecurity.com/2013/02/ddos-attack-on-bank-hid-900000-cyberheist/On March 22, 2013, the largest DDoS ever hit the CloudFlare Network,a host for spam fighting. While most attacks have a ceiling of around100 Gbps, their network was hit with 120 Gbps. CloudFlare’s providerswere then hit with a massive 300 Gbps DDoS. The result was seriousinternet congestion in Europe and Asia.http://www.esecurityplanet.com/network-security/the-largest-ddos-ever-hits-the-internet.html
What Is A Botnet?A botnet is a collection of Internet connected programs communicating with othersimilar programs in order to perform tasks. These tasks can be as simple ascontrolling an internet relay chat or as complex as a node on a distributed denial ofservice (DDoS) attack. The term botnet is derived from two common words - robotand network.There are two different types of botnets illegal and legal botnets. A legal botnet hasseveral IRC, or Internet Relay Chat bots that set channel modes on other bots andusers while keeping IRC channels free from unwanted users. An illegal botnet targetscomprised computers whose security defenses have been breached. The controller ofthe illegal botnet is able to direct the activities of the compromised computers throughcommunication channels.
Botnet That Has Been Taken DownThe Bamital botnet, which took people’s search results and took them todangerous websites that could install malware onto their computer, stealtheir personal information, or fraudulently charge businesses for onlineadvertisement clicks was taken down by Microsoft and Symantec. Theyused a combined legal and technical action to take down Bamital. OnJanuary 31, Microsoft filed for a lawsuit supported by a declaration fromSymantec against the botnet’s operators to stop all the communicationlines between the botnet and the malware-infected computers under itscontrol. The court granted Microsoft’s request and on February 6,Microsoft was escorted by the U.S. Marshals Service to take evidencefrom the web-hosting facilities in Virginia and New Jersey.
What is DNS?Domain Name System (DNS) A large database of unique IP addresses thatcorresponds with domain names.In essence, DNS is simply a database that links meaningful names (knownas host names), such as http://www.microsoft.com, to a specific IP address,such as 192.168.124.1. Simply linking addresses to names is just thebeginning, though, because DNS has many more features in addition tohost-name-to-address mapping.
"DNS Cache Poisoning"- DNS cache poisoning: An exploit in which the DNS database is changed insuch a way that a URL no longer connects to the correct Web site.- DNS cache poisoning is also a tool of hackers who want to direct users tosites infected with worms or keyloggers.
Shutting Down the InternetTo completely shut down the Internet in the U.S.A, it would requiresomeone with the ability to cause damage to the infrastructure of all theISPs (Internet Service Provider) major networks which is virtuallyimpossible to do because there are too many paths into and out of thecountry, too many independent providers who would have to be coercedor damaged. It could possibly be done if multiple governmentscoordinated together to shut down all the ISPs at the same time.The Internet is resilient and difficult to take down completely because itis decentralized. There is no company or government that owns theInternet. The Internet is not in a specific location but is spread out allover the world.
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.