DDoS – Kill or be killed – (all the latest techniques revealed)


DDoS is one of the hottest security topics right now. DDoS attacks are becoming more frequent, more powerful and more sophisticated. Don’t become the next victim: hear from the DDoS experts everything you need to know to prevent your business being DDoS’d.

Webscreen Technology provided the world’s first DDoS mitigation software back in 2000, and their team are acknowledged experts on the subject of DDoS detection and mitigation. This session starts with a brief review of the evolution of DDoS before moving on to assess and discuss the threat posed by the new DDoS attack vectors. The middle section focuses on how to prevent the new attack vectors taking you offline, and the session closes with some golden rules for remaining online 24 x 7, followed by a Q&A session.

Published in: Technology, News & Politics

  1. Welcome: Paul Bristow, Jon Shallow, 20 October 2011
  2. DDoS milestones
     • 1999: SANS Institute discover remotely executable code on 1,000s of PCs, and botnets & Trinoo emerge.
     • 2000: Large scale DDoS attacks take out Amazon, eBay, CNN, Yahoo and other major e-commerce sites
     • 2000: First example of DDoS used as a tool of protest
     • 2000: First appliance DDoS solution is launched
  3. DDoS milestones
     • 2001: Mafiaboy. A 16yr old Canadian pleads guilty to the February 2000 DDoS attacks
     • 2003: First DDoS proxy service launched
     • 2004: Cisco acquire Riverhead Technology
     • 2006: Anonymous credited with DDoS attack on Habbo website
  4. DDoS milestones
     • 2007: Russia is accused of DDoS attacks on Estonian government web sites
     • 2008: Russia is accused of DDoS attacks on Georgian government web sites
     • 2008: Anonymous organise operation “Chanology”
     • 2009: Disaffected Iranian voters use social media as a way of co-ordinating “flash crowd” attacks on government web sites after allegations of vote rigging
  5. DDoS milestones
     • 2010: Anonymous DDoS Australian government sites in a protest about internet law reform
     • 2010: 4Chan boards linked to DDoS attacks on the media
     • 2010: Wikileaks and Operation Payback become the focus for numerous hacktivists to launch DDoS attacks on Visa, PayPal etc.
     • 2011: LulzSec form and join the new wave of protesting DDoS hacktivist groups
  6. DDoS enablers
     • IRC, forums, social media & latterly VIBE: They all have a role in the dissemination of DDoS knowledge and co-ordination of attacks.
     • LOIC (low orbit ion cannon): An open source network stress testing app that has had more than 250,000 downloads in the past 18 months!
     • Growth of botnets: The effects of supply and demand mean botnets have never been cheaper to hire or more powerful. You can hire a botnet on a try and buy basis, or by the hour.
  7. DDoS attack vectors
     • Volumetric attacks are getting bigger in size but noticeably smaller in frequency
     • “Slow and Low” attacks in many different guises have been growing in popularity for the past two years
       • These types of attacks target back-end weaknesses
       • As low as 50 HTTP requests per second can take out large websites
       • Both of the above can be delivered via a flash crowd attack organised via social media etc.
     • Anything that makes a resource on your network become “busy”
  8. DDoS considerations
     • Can your online presence afford to be offline for hours / days / weeks?
     • What would your revenue losses be while offline?
     • How stick-able are your customers – will they go elsewhere if you are not online?
     • How will you entice customers back once back online?
  9. DDoS mitigation options (1 of 2)
     • Do nothing: The first choice of ostriches everywhere
     • Oversize: Upgrade everything in the data path to the point where it’s not possible to flood or consume your resources
     • Silver Bullet: Apparently they exist, a magic box that does it all: Firewall, Application aware Firewall, IPS, DDoS etc.
  10. DDoS mitigation options (2 of 2)
      • DDoS appliances: Three flavours, each with their pluses & minuses.
        • Rules based limiting
        • Signature based limiting
        • Heuristically based limiting
      • Proxy services: Growing in popularity as we move to cloud / virtualised technology
      • Virtualised DDoS mitigation software: New & promising
  11. DDoS recommendations (1 of 2)
      • Be proactive in your DDoS mitigation planning
      • If your web service is hosted, ask your host provider to state in writing what measures they have in place to mitigate DDoS attacks, with what level of guarantees.
        • Do not accept vague answers
        • Be realistic in guarantees
        • A firewall is insufficient (it can be the target!)
        • Simple rate limiting helps, but will also limit good traffic
        • You want your online presence to be up during any attacks
  12. DDoS recommendations (2 of 2)
      • If the host provider has no DDoS mitigation capabilities
        • Change host provider!
        • Or install your own protection in their racks, and if they make doing this difficult, change your host!
      • If you have your own DC or you Co-Lo
        • Review your network flows for places of protection
        • Make sure you can handle volume attacks
        • Attack traffic could be much higher than normal flows
        • Select appropriate DDoS mitigation technology
        • Take up other client references!
  13. Summary
      • DDoS attacks will continue to grow in volume and sophistication
      • Be proactive in your DDoS mitigation planning
        • So attacks do not take you offline
      • Ignore the marketing hype
        • There is no silver bullet, no one size fits all.
      • Look for a partner with an established track record
      • Look for proven 24 x 7 support.
  14. Finally
      • Thank you for your time, it is greatly appreciated
      • If you want a more in-depth, off the record, discussion
        • Call in at stand A28
        • Email info@webscreen-technology.com
        • Call us on +44 (0) 113 232 2332.
  15. YOUR YEAR-ROUND IT RESOURCE – access to everything you’ll need to know
  16. THE WHOLE TECHNOLOGY STACK from start to finish
  17. COMMENT & ANALYSIS: Insights, interviews and the latest thinking on technology solutions
  18. VIDEO: Your source of live information – all the presentations from our live events
  19. TECHNOLOGY LIBRARY: Over 3,000 whitepapers, case studies, product overviews and press releases from all the leading IT vendors
  20. EVENTS, WEBINARS & PRESENTATIONS: Missed the event? Download the presentations that interest you. Catch up with convenient webinars. Plan your next visit.
  21. Directory: A comprehensive A-Z listing providing in-depth company overviews
  22. ALL FREE TO ACCESS 24/7
  23. online.ipexpo.co.uk
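
Slide 11's point that simple rate limiting helps but also limits good traffic, as an added example that is not part of the original deck: a small simulation comparing one shared per-second budget with a budget per source. The traffic mix, the limits and all function names are constructed assumptions.

```python
from collections import defaultdict

# Constructed traffic model (assumed numbers, not figures from the talk).
LEGIT_CLIENTS, LEGIT_RPS = 20, 2      # 40 req/s of good traffic
ATTACK_SOURCES, ATTACK_RPS = 5, 40    # 200 req/s of attack traffic
SECONDS = 10

def one_second_of_traffic():
    """One second of (source, is_legit) requests, interleaved by arrival."""
    legit = [(f"user{i}", True) for i in range(LEGIT_CLIENTS)] * LEGIT_RPS
    attack = [(f"bot{i}", False) for i in range(ATTACK_SOURCES)] * ATTACK_RPS
    per_legit = len(attack) // len(legit)   # 5 attack requests per good one
    mixed = []
    for i, req in enumerate(legit):
        mixed.append(req)
        mixed.extend(attack[i * per_legit:(i + 1) * per_legit])
    return mixed

def global_limit(requests, limit):
    """Simple rate limiting: one shared per-second budget for all sources."""
    return requests[:limit]

def per_source_limit(requests, limit):
    """Per-source limiting: every source address gets its own budget."""
    seen = defaultdict(int)
    admitted = []
    for src, is_legit in requests:
        seen[src] += 1
        if seen[src] <= limit:
            admitted.append((src, is_legit))
    return admitted

def simulate(limiter, limit):
    """Return (share of good requests served, attack req/s admitted)."""
    good_sent = good_ok = bad_ok = 0
    for _ in range(SECONDS):
        traffic = one_second_of_traffic()
        admitted = limiter(traffic, limit)
        good_sent += sum(legit for _, legit in traffic)
        good_ok += sum(legit for _, legit in admitted)
        bad_ok += sum(not legit for _, legit in admitted)
    return good_ok / good_sent, bad_ok / SECONDS

if __name__ == "__main__":
    print("shared 100 req/s budget:", simulate(global_limit, 100))
    print("5 req/s per source:     ", simulate(per_source_limit, 5))
```

The per-source budget only separates traffic when attack sources send more than real users do; it does not help in the flash-crowd case from slide 7, where each source sends no more than a normal visitor.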