Successfully reported this slideshow.

More Related Content

Viewers also liked

The Next Generation Internet Number Registry Services
MyNOG
Routing Security - its importance and status in South Asia
Bangladesh Network Operators Group
Network State Awareness & Troubleshooting
APNIC
MANRS for Network Operators - bdNOG12
Bangladesh Network Operators Group
BSides: BGP Hijacking and Secure Internet Routing
APNIC
How to Configure NetFlow v5 & v9 on Cisco Routers
SolarWinds
Route Origin Validation With Routinator - A MANRS Approach for Operators
Bangladesh Network Operators Group
More specific announcments in BGP
APNIC
NZNOG 2020: APNIC update
APNIC
BMP: the pa amb tomàquet your BGP monitoring was missing
CSUC - Consorci de Serveis Universitaris de Catalunya
PhNOG 2020: ROA and RPKI in the Philippines
APNIC
Secured Internet Gateway for ISP with pfsense & FRR
Bangladesh Network Operators Group
PhNOG 2020: Securing your resources with RPKI and IRT
APNIC
Cloud Traffic Engineer – Google Espresso Project by Shaowen Ma
MyNOG
ION Bangladesh - Secure BGP and Operational Report of Bangladesh
Deploy360 Programme (Internet Society)
IPv6 at FPT Telecom
APNIC
Applying IPv6 to LTE Networks
APNIC
DPI BOX: deep packet inspection for ISP traffic management
Ilya Mikov
2017 01-31-cgns
GeoffHuston

Similar to Community Tools to Fight Against DDoS

28th TWNIC OPM and TWNOG 2017: Security best practices for network operators
APNIC
Mpls hacking security Myth
idsecconf
The Robust system for antivenin DDOS by Rioter Puddle Expertise
AM Publications
PLNOG15: BGP New Advanced Features - Piotr Wojciechowski
PROIDEA
Denial of Service
MarketingArrowECS_CZ
DDoS Mitigation Tools and Techniques
Babak Farrokhi
Intrusion Detection Techniques for Mobile Wireless Networks
guest1b5f71
Kipp Berdiansky on Tcp syn flooding and ip spoofing attacks
Kipp Berdiansky
Coporate Espionage
UTD Computer Security Group
BGP Flowspec (RFC5575) Case study and Discussion
APNIC
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
Siena Perry
DSNs & X.400 assist in ensuring email reliability
IOSR Journals
DSNs & X.400 assist in ensuring email reliability
IOSR Journals
Honeypot Essentials
Anton Chuvakin
Network and DNS Vulnerabilities
n|u - The Open Security Community
DDoS - Distributed Denial of Service
Er. Shiva K. Shrestha
In Plain Sight: The Perfect Exfiltration
Itzik Kotler
02 ipv6-cpe-panel security
Haris Padinharethil
Routing security - Budapest 2011
Wardner Maia
Stateful anycast for d do s mitigation
Ẩn Sĩ

More from Bangladesh Network Operators Group

Measuring the Internet Economy: How Networks Create Value
Bangladesh Network Operators Group
RPKI Deployment Status in Bangladesh
Bangladesh Network Operators Group
Route Origin Validation - A MANRS Approach
Bangladesh Network Operators Group
The Post Covid-19 Cybersecurity World - Where Is It Headed?
Bangladesh Network Operators Group
EVPN Introduction
Bangladesh Network Operators Group
Social CDN Business : Paid or Free - bdNOG12 Panel Discussion
Bangladesh Network Operators Group
Having Honeypot for Better Network Security Analysis
Bangladesh Network Operators Group
Hands-on DNSSEC Deployment
Bangladesh Network Operators Group
Challenges for BdREN in COVID Environment
Bangladesh Network Operators Group
Lifting the Lid on Lawful Intercept
Bangladesh Network Operators Group
BGPalerter: BGP prefix monitoring
Bangladesh Network Operators Group
Learning from failures
Bangladesh Network Operators Group
RPKI invalids aren't gone yet
Bangladesh Network Operators Group
Log analysis with elastic stack
Bangladesh Network Operators Group
Routing diff
Bangladesh Network Operators Group
SEGMENT Routing
Bangladesh Network Operators Group
Is Internet getting old !!
Bangladesh Network Operators Group
pps Matters
Bangladesh Network Operators Group
A study of our DNS full-resolvers
Bangladesh Network Operators Group
Automating Network Infrastructure : Ansible
Bangladesh Network Operators Group

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
Tubes: A Journey to the Center of the Internet Andrew Blum
(4/5)
Free
Emergence: The Connected Lives of Ants, Brains, Cities, and Software Steven Johnson
(4.5/5)
Free
The Impulse Economy: Understanding Mobile Shoppers and What Makes Them Buy Gary Schwartz
(4.5/5)
Free
An Army of Davids: How Markets and Technology Empower Ordinary People to Beat Big Media, Big Government, and Other Goliaths Glenn Reynolds
(4/5)
Free
World Wide Mind: The Coming Integration of Humanity, Machines, and the Internet Michael Chorost
(4/5)
Free
In the Plex: How Google Thinks, Works, and Shapes Our Lives Steven Levy
(4.5/5)
Free
Hamlet's BlackBerry: A Practical Philosophy for Building a Good Life in the Digital Age William Powers
(4/5)
Free
Talking Back to Facebook: The Common Sense Guide to Raising Kids in the Digital Age James P. Steyer
(4.5/5)
Free
The Thank You Economy Gary Vaynerchuk
(4/5)
Free
Socialnomics: How Social Media Transforms the Way We Live and Do Business Erik Qualman
(4/5)
Free
The Nature of the Future: Dispatches from the Socialstructed World Marina Gorbis
(4/5)
Free
Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live Jeff Jarvis
(3.5/5)
Free
Blog Schmog: The Truth About What Blogs Can (and Can't) Do for Your Business Robert W. Bly
(4/5)
Free
The End of Business As Usual: Rewire the Way You Work to Succeed in the Consumer Revolution Brian Solis
(5/5)
Free
How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life J. J. Luna
(4/5)
Free
Google's PageRank and Beyond: The Science of Search Engine Rankings Amy N. Langville
(3/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
Stop Checking Your Likes: Shake Off the Need for Approval and Live an Incredible Life Susie Moore
(4/5)
Free
So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community that Will Listen Findaway
(4.5/5)
Free
Platform: Get Noticed in a Noisy World Michael Hyatt
(4.5/5)
Free
Ten Arguments for Deleting Your Social Media Accounts Right Now Jaron Lanier
(4/5)
Free
Who Owns the Future? Jaron Lanier
(4/5)
Free
Kill All Normies: Online Culture Wars From 4Chan And Tumblr To Trump And The Alt-Right Angela Nagle
(4/5)
Free
Cryptography: The Key to Digital Security, How It Works, and Why It Matters Keith Martin
(4/5)
Free
This Machine Kills Secrets: How Wikileakers, Cypherpunks, and Hacktivists Aim to Free the World's Information Andy Greenberg
(4/5)
Free
The Dark Net: Inside the Digital Underworld Jamie Bartlett
(4/5)
Free
Exploding Data: Reclaiming Our Cyber Security in the Digital Age Michael Chertoff
(4.5/5)
Free
Internet Riches: The Simple Money-Making Secrets of Online Millionaires Scott Fox
(4/5)
Free
Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous Gabriella Coleman
(4/5)
Free
Cyberwar: How Russian Hackers and Trolls Helped Elect a President—What We Don't, Can't, and Do Know Kathleen Hall Jamieson
(3/5)
Free
The Secret Life: Three True Stories of the Digital Age Andrew O'Hagan
(4/5)
Free
Blockchain Revolution: How the Technology Behind Bitcoin Is Changing Money, Business, and the World Don Tapscott
(4/5)
Free
The Filter Bubble: What the Internet Is Hiding from You Eli Pariser
(4/5)
Free

Community Tools to Fight Against DDoS

  1. 1. Community tools to fight against DDoS Fakrul Alam bdHUB Limited fakrul@bdhub.com
  2. 2. bdNOG3 Conference | 18th May 2015 | Dhaka
  3. 3. DDoS •  Distributed denial-of-service (DDoS) attacks target network infrastructures or computer services by sending overwhelming number of service requests to the server from many sources. •  Server resources are used up in serving the fake requests resulting in denial or degradation of legitimate service requests to be served bdNOG3 Conference | 18th May 2015 | Dhaka
  4. 4. Addressing DDoS attacks •  Detection –  Detect incoming fake requests •  Mitigation –  Diversion : Send traffic to a specialized device that removes the fake packets from the traffic stream while retaining the legitimate packets –  Return : Send back the clean traffic to the server bdNOG3 Conference | 18th May 2015 | Dhaka
  5. 5. 3 Community tools from Team Cymru •  Bogon Filter –  https://www.team-cymru.org/bogon-reference.html •  Flow Sonar –  https://www.team-cymru.org/Flow-Sonar.html •  UTRS (Unwanted Traffic Removal Service) –  https://www.team-cymru.org/UTRS/index.html bdNOG3 Conference | 18th May 2015 | Dhaka
  6. 6. 1. Bogon Filter
  7. 7. Bogon Filter •  A bogon prefix is a route that should never appear in the Internet routing table –  Bogons are defined as Martians (private and reserved addresses defined by RFC 1918, RFC 5735, and RFC 6598) and netblocks that have not been allocated to a RIR by the IANA •  These are commonly found as the source addresses of DDoS attacks •  Study shows 60% of the naughty packets were obvious bogons •  Bogon and fullbogon lists are NOT static lists bdNOG3 Conference | 18th May 2015 | Dhaka
  8. 8. Bogon Filter : Configuration IPv4 bdNOG3 Conference | 18th May 2015 | Dhaka / you can forward these traffic and analyze /
  9. 9. Bogon Filter : Configuration IPv6 bdNOG3 Conference | 18th May 2015 | Dhaka / you can forward these traffic and analyze /
  10. 10. Bogon Filter : Output bdNOG3 Conference | 18th May 2015 | Dhaka
  11. 11. Bogon Filter : Status •  The IPv4 traditional bogons list is currently 13 prefixes. •  fullbogons list is approximately 3,618 prefixes. •  The IPv6 fullbogons list is approximately 58,401 prefixes. –  [date : 18th May 2015] bdNOG3 Conference | 18th May 2015 | Dhaka
  12. 12. Bogon Filter : Peering •  Contact bogonrs@cymru.com 1.  Which bogon types you wish to receive (traditional IPv4 bogons, IPv4 fullbogons, and/or IPv6 fullbogons) 2.  Your AS number 3.  The IP address(es) you want us to peer with 4.  Does your equipment support MD5 passwords for BGP sessions? 5.  Optional: your GPG/PGP public key •  https://www.team-cymru.org/bogon-reference- bgp.html bdNOG3 Conference | 18th May 2015 | Dhaka
  13. 13. 2. Flow Sonar
  14. 14. Flow Sonar •  The Team Cymru Flow Sonar system is a powerful tool for network managers to visually identify and understand what is happening on their network at any given time •  Leveraging the free and open-source framework provided by Peter Haag of SWITCH •  Special plugins "dosrannu" developed by Team Cymru to track malicious activity on your network •  Unique dosrannu feeds alerted to DDoS attacks, compromised machines, and the presence of connections to C&C hosts bdNOG3 Conference | 18th May 2015 | Dhaka
  15. 15. Flow Sonar It’s  nfsens/nfdump!!!   bdNOG3 Conference | 18th May 2015 | Dhaka
  16. 16. Flow Sonar : Get It •  Contact outreach@cymru.com 1.  Team Cymru will send hardware •  1 Server •  1 Router •  https://www.team-cymru.org/Flow-Sonar.html bdNOG3 Conference | 18th May 2015 | Dhaka
  17. 17. 3. UTRS (Unwanted Traffic Removal Service)
  18. 18. RTBH 101 CE IP : 1.2.3.4 BGP : 1.2.3.0/24 PE Transit I Transit II Provider InfraCustomer Infra Website Internet bdNOG3 Conference | 18th May 2015 | Dhaka
  19. 19. RTBH 101 CE IP : 1.2.3.4 BGP : 1.2.3.0/24 PE Transit I Transit II Provider InfraCustomer Infra Website Internet DDoS Traffic DDoS Traffic DDoS Traffic bdNOG3 Conference | 18th May 2015 | Dhaka
  20. 20. RTBH 101 CE IP : 1.2.3.4 BGP : 1.2.3.0/24 PE Transit I Transit II Provider InfraCustomer Infra Website Internet DDoS Traffic DDoS Traffic DDoS Traffic BGP : 1.2.3.4/32 COM : 65420:666 bdNOG3 Conference | 18th May 2015 | Dhaka
  21. 21. RTBH 101 CE IP : 1.2.3.4 BGP : 1.2.3.0/24 PE Transit I Transit II Provider InfraCustomer Infra Website Internet DDoS Traffic BGP : 1.2.3.4/32 COM : 65420:666 IP : 1.2.3.4/32 -> discard IP : 1.2.3.4/32 -> discard bdNOG3 Conference | 18th May 2015 | Dhaka
  22. 22. RTBH Upstream •  Check whether your upsteam provider support RTBH •  Configure & Test RTBH before incident •  Only announce IPv4 /32's from address space you originate or your customer bdNOG3 Conference | 18th May 2015 | Dhaka
  23. 23. UTRS •  It’s based on the basic principle of DDoS filtering; Remotely Triggered Black Hole Filtering •  UTRS is a system that helps mitigate large infrastructure attacks by leveraging an existing network of cooperating BGP speakers such as ISPs, hosting providers and educational institutions that automatically distributes verified BGP-based filter rules from victim to cooperating networks bdNOG3 Conference | 18th May 2015 | Dhaka
  24. 24. UTRS : Configuration bdNOG3 Conference | 18th May 2015 | Dhaka Make sure you tag the route properly
  25. 25. UTRS : Apply •  Newly launched service –  Quite picky to choose whom to peer –  Do organization verification •  https://www.team-cymru.org/UTRS/index.html bdNOG3 Conference | 18th May 2015 | Dhaka
  26. 26. How UTRS varies from RTBH with upstream!
  27. 27. Other Efforts •  NANOG BCOP : DDoS-DoS-attack-BCOP –  http://bcop.nanog.org/index.php/DDoS-DoS-attack-BCOP bdNOG3 Conference | 18th May 2015 | Dhaka
  28. 28. Thank You

×