DDOS – a Nuisance or Threat?

•

1 like•540 views

The last several years have seen a dramatic surge in the effective use of Distributed Denial of Service (DDoS) as a weapon of cyber attack. These attacks have grown from humble beginnings as an occasional nuisance to one of the biggest threats to network stability and security. No longer only the domain of elite attackers, today’s DDoS attacks can be easily launched by those with limited technical skills, and the results can seriously impair the operations of the victim.

Economy & Finance

DDOS — Nuisance or Threat?
© Norse
Harold Teunissen & Roland van Rijswijk-Deij
TECHEX14, Indianapolis, October 2014

Serving Dutch research & education
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
2

SURF as umbrella
• All ICT activities for Higher Education and Research in the
Netherlands are under the SURF umbrella
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
3
Scientific Computing
& Big Data
Commercial ICT
Products & Services
National Research &
Education Network
eScience Collaboration
and Tools

Absolute awareness
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
4

We take security serious
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
5

Vision
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
6

Immunity
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
7

Level of protection
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
8

Security & Privacy Program
SAFE AND SECURE ENVIRONMENT
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
9
AWARENESS
STANDARDS
FREE
INTERNET
COMMUNITIES SERVICES

What do we see?
FAIR SHARE?
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
10
Universities Attacks
Attacks
Vocational
Education
High Attacks
Schools

Regular user
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
11
DUTCH PUBLIC BROADCASTER

Regular user
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
12
DUTCH PUBLIC BROADCASTER
Winter
Olympics
World Cup
Soccer

Regular user
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
13
DUTCH PUBLIC BROADCASTER
MH17

Not every spike is an attack
A Large University
DDOS Astronomers
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
14

What do we see?
• DDoS attacks mostly directed against schools
• Majority are Bandwidth Denial-of-Service attacks
- Usually some form of amplification, mostly NTP, DNS,
CharGen, we also now see some UPnP based stuff
• Not every traffic spike is an attack
- Monitor for anomalous events (e.g. excess UDP/ICMP
traffic)
- Manual analysis by our CSIRT
• Attacks in Tens-of-Gigabits order of magnitude
• Many attacks rely on “DDoS-for-Hire” a.k.a.
Booters and are often inside jobs
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
15

Keep your friends close...
•We were monitoring for a particular attack
(because it abused some of our infrastructure)
•One of our customers appeared in a list of
spoofed IP addresses for this particular attack
•And was the victim of a number of DDoS attacks
•The timing of the attacks was rather suggestive...
Always during school hours!
•Let’s have a look at what the school found
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
16

Let’s see what happens if...
•The external NAT IP address is changed
–Will the attack follow?
•We look at the time lines
–Comparing attack times against class schedule
•We ask teachers about suspicious behaviour
–Are there signs that the culprit is among the students?
•Policy-Based Routing (PBR)
–Giving a suspected class a different external IP address
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
17

Caught after bragging
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
Courtesy: Graafschap College
18

Is this a problem?
• If an attack originates from our network that is
very bad — we have big pipes…
• The example inside job caused 1000s of students
and 100s of staff to go home because they could
no longer work
• Students need to learn that they are committing
a criminal offense
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
19

What do we do?
• Our CSIRT keeps vigil 24x7
• We constantly monitor our and our
constituency’s infrastructure for abuse
- Concerted efforts to combat e.g. open DNS resolvers and
vulnerable NTP servers
• We report criminal offenses to the authorities and
encourage our constituency to do so too
- We collaborate with law enforcement and the public
prosecutor’s office
• We (pre-)wash traffic
- using rate limiting, filters, …
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
20

Cybersave Yourself
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
21

Research
• We actively collaborate with academic groups
and non-profit organisations on DDoS research
• Study on “DDoS-for-Hire” services
• Support DDoS Defense research
• Legal expert opinions on e.g. botnet
take-downs
• Share operational network data with researchers
and develop policy for ethical data sharing
• Software Defined Security
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
22

Upcoming Services
• Protection as a Service a.k.a. DIY Cyber Laundry
• Centralised firewall
• Pentesting
• Maturity scans and auditing (ISO2700x)
• Security games
DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014
23

harold.teunissen@surfnet.nl haroldteunissen

Malware reversing is a conventional threat intelligence strategy that is being challenged to keep up with the fast-paced evolution of threats. To stay ahead of bad actors, the next generation security intelligence engine is big data, not malware reversing. An advanced generation of security intelligence teams has risen with mathematicians, algorithmic geniuses and big data researchers. The buzz words sound impressive but what does this actually mean in practice? On Jan 22nd, OpenDNS Security Researcher, Dhia Mahjoub, and Senior Product Manager, Dima Kumets, went under the hood of OpenDNS Security Research Labs. Their discussion included such topics as: -What the OpenDNS Researchers actually do and why it's so different from traditional sample analysis -The process of developing and improving learning machines as developed by Dhia and the Labs Team -Insights gained from looking at Internet traffic as a whole -The difference in Big Data insight vs Malware Reversing -The latest threats OpenDNS Security Labs is mitigating

Monitoring indonesia darknets - Revealing the unseen security intrusion

Charles Lim

As security teams today become more focused on improving their detection and response capabilities, they're having to revisit technologies they rely on, as well as how they're using those technologies to combat threats and improve security posture. Few technologies have played a bigger role in detection and response than intrusion detection and prevention systems. Today these tools are considered "must have" controls for security and compliance, but are we using them effectively? Are we getting the right alerts, and looking for the right events and patterns in network traffic? How can we more effectively correlate data from IDS and IPS with other information and build a better security capability based on internal and external threat intelligence? In this webcast, we'll revisit the IDS and its evolution as a mainstay technology in our security arsenal. We'll also look at where teams are taking these tools using more effective processes and technology to improve detection and response significantly.

Extracting the Malware Signal from Internet Noise

Ashwini Almad

Extracting the Malware Signal from Internet Noise

EndgameInc

DNS Security Presentation ISSA

Srikrupa Srivatsan

Supporting Research Communities with XSEDE

John Towns

XSEDE is a major research infrastructure in the United States with collaborations worldwide supporting thousands of researchers across a wide range of domains. XSEDE has taken an integrative and holistic approach to supporting researchers in the use of the varying resources and services available via XSEDE. This presentation will breifly review XSEDE and its vision and provide a discussion of the efforts within XSEDE targeted at supporting research communities.

Best Practices for Leveraging Security Threat Intelligence

AlienVault

The state of threat intelligence in the information security community is still very immature. Many organizations are still combating threats in a reactive manner, only learning what they're dealing with, well...when they're dealing with it. There is a wealth of information in the community, and many organizations have been gathering data about attackers and trends for years. How can we share that information, and what kinds of intelligence are most valuable? In this presentation, we'll start with a brief overview of AlienVault's Open Threat Exchange™ (OTX), and then we'll discuss attack trends and techniques seen in enterprise networks today, with supporting data from AlienVault OTX. We'll also take a look at some new models for collaboration and improving the state of threat intelligence going forward.

2015 Angelbeat_ConvergenceMsg-FINALRick Kingsley

Threat Hunting - Moving from the ad hoc to the formal

Priyanka Aash

In order to effectively defend your organization, you must think about the offensive strategy as well. But before we get ahead of ourselves let’s talk briefly about the building blocks of a good offense. First is an architecture that is built around a security policy that is aligned with the business risk. Risk must be understood and a cookie cutter approach must be avoided here because again every organization is different and so are their risks.

SIEM-plifying security monitoring: A different approach to security visibility

AlienVault

Despite investments in preventative security technology and teams, devastating data breaches continue to occur, and the threats we face only grow more advanced all the time. If even the largest companies are struggling to avoid breaches, how can teams with more limited security staff and budgets hope to avoid that same fate? Organizations need to invest more in detection and proactive threat intelligence. SIEM products have been widely deployed for this purpose, however much of the technology remains unwieldy and difficult to use. Join Dave Shackleford, founder of Voodoo Security and a Senior SANS Instructor, and Joe Schreiber, Solution Architect with AlienVault for this session covering: Key security intelligence insights you need to defend against modern threats "Tales from the trenches" of challenges getting the insights you need from SIEM Fundamentals for evaluating a security approach that will work for you, not against you. How a unified approach to security visibility can help you get from install to insight more quickly

INTRUSION_DETECTION_SYSTEM_PBL.pptx

Prasad92810

Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...

REVULN

TWCSIRT is a full member of FIRST and mainly focuses on the protection of NARLabs, TANet and TWAREN. We are defense cyber-attack from internet and according to government policy to handling incident every day. I am a research fellow with National Center for High-performance Computing and lead cyber security team to operation security operation center to handling incident in Taiwan Academic Network. In our research project from government, we are deployed the biggest honeynet in Taiwan and used over 6000 IP address to detection malicious network attack come from internet. We have published our malware knowledge base to sharing malware samples and reports for many researchers, students, research center and sharing our data set for deep tracking about cyber security. There are many new types of cyber-attack that’s is include ransomware, website mining, DDoS and hybrid malicious attack. Main Points: - What’s TWCSIRT Mission and Scope - How to coordinate in National level with ISAC, CERT and SOC - Cyber-attack and threat hunting in Taiwan Academic Network - How to develop cyber security platform for incident handling - How to do red team and blue team training by CDX

Scalar Security Roadshow - Toronto Stop

Scalar Decisions

Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...

CREST

SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...

AlienVault

As cyber attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. Event monitoring and correlation technologies and security operations are often tied to incident handling responsibilities, but the number of attack variations is staggering, and many organizations are struggling to develop incident detection and response processes that work for different situations. In this webcast, we'll outline the most common types of events and indicators of compromise (IOCs) that naturally feed intelligent correlation rules, and walk through a number of different incident types based on these. We'll also outline the differences in response strategies that make the most sense depending on what types of incidents may be occurring. By building a smarter incident response playbook, you'll be better equipped to detect and respond more effectively in a number of scenarios.

Network Security

Yasser Rabie

PLNOG15-DNS is the root of all evil in the network. How to become a superhero...

PROIDEA

Cybersecurity: Do Your Have a Plan to Address Threats and Prevent Liability?

Codero

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...

Duo Security

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...

Brian Kelly

Rick Holland of Forrester Research shares the results of his investigation into why targeted attacks on employees of businesses are increasing despite there being more information security products than ever. Presented by Duo Security  with guests Forrester Research and University of Tennessee, Knoxville Agenda and Presenters * How To Stop Targeted Attacks and Avoid “Expense In Depth” with Strong Authentication Rick Holland, Principal Analyst,  Forrester Research * How Duo Helps You Avoid “Expense In Depth” Brian Kelly, Principal Product Marketing Manager , Duo Security * A Case for Multi-factor Authentication Bob Hillhouse, Associate CIO and CISO  University of Tennessee, Knoxville

The indonesia darknets revealed– mapping the uncharted territory of the internet

Charles Lim

Surfing the data wave

Harold Teunissen

Because we can. No seriously, because we want to! Innovation is our passion and since we dwell in a sea of data and information we cannot dwindle on the side and feel dwarfed. We like action, we want to surf the data waves! But before you can surf, you need to know how high are the waves, what is the wind speed, water temperature, are there sharks? We can take this metaphor a long way of course but data is all around us. Be careful, data is not information. You need to surf it before it becomes information. When your genes are coded it is data. But for your insurance company it can be interesting information. You get the picture.

Transformation in Higher Education using ICT

Harold Teunissen

Similar to DDOS – a Nuisance or Threat?

The Evolution of IDS: Why Context is Key

AlienVault

Extracting the Malware Signal from Internet Noise

Ashwini Almad

Extracting the Malware Signal from Internet Noise

EndgameInc

DNS Security Presentation ISSA

Srikrupa Srivatsan

Supporting Research Communities with XSEDE

John Towns

Best Practices for Leveraging Security Threat Intelligence

AlienVault

2015 Angelbeat_ConvergenceMsg-FINALRick Kingsley

Threat Hunting - Moving from the ad hoc to the formal

Priyanka Aash

SIEM-plifying security monitoring: A different approach to security visibility

AlienVault

INTRUSION_DETECTION_SYSTEM_PBL.pptx

Prasad92810

Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...

REVULN

Scalar Security Roadshow - Toronto Stop

Scalar Decisions

Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...

CREST

SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...

AlienVault

Network Security

Yasser Rabie

PLNOG15-DNS is the root of all evil in the network. How to become a superhero...

PROIDEA

Cybersecurity: Do Your Have a Plan to Address Threats and Prevent Liability?

Codero

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...

Duo Security

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...

Brian Kelly

The indonesia darknets revealed– mapping the uncharted territory of the internet

Charles Lim

Similar to DDOS – a Nuisance or Threat? (20)

The Evolution of IDS: Why Context is Key

Extracting the Malware Signal from Internet Noise

DNS Security Presentation ISSA

Supporting Research Communities with XSEDE

Best Practices for Leveraging Security Threat Intelligence

2015 Angelbeat_ConvergenceMsg-FINAL

Threat Hunting - Moving from the ad hoc to the formal

SIEM-plifying security monitoring: A different approach to security visibility

INTRUSION_DETECTION_SYSTEM_PBL.pptx

Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...

Scalar Security Roadshow - Toronto Stop

Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...

SANS Ask the Expert: An Incident Response Playbook: From Monitoring to Opera...

Network Security

PLNOG15-DNS is the root of all evil in the network. How to become a superhero...

Cybersecurity: Do Your Have a Plan to Address Threats and Prevent Liability?

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...

The indonesia darknets revealed– mapping the uncharted territory of the internet

More from Harold Teunissen

Surfing the data wave

Harold Teunissen

Transformation in Higher Education using ICT

Harold Teunissen

In de wolken - dat mag wat kosten?

Harold Teunissen

Ontsourcing -

Harold Teunissen

From Cubes to Spheres — The transition of higher education towards the cloud.

Harold Teunissen

We would like to present the experience of setting up a cloud offering for the R&E community in the Netherlands. Within SURF we have developed a hybrid cloud solution; combining in-house developed services and services commercially available. The services range from personal storage services to full data center replacements and Infrastructure as a Service. In close collaboration with 6 institutes (i.e. the six sides of a Cube), we have developed a hybrid cloud proposition that allows for optimal flexibility of (virtual) data center capacity under the highest level of trust. This SURFcloud service consist of SURF owned data center facilities and a selection of commercial cloud providers: Microsoft Azure, Amazon, etc.. Using the Cloud Manager Broker the institution is to select a service based on predetermined criteria and functionality: cost, data center location, level of data trust, backup and disaster recover. SURF is adapting its organization and processes to accommodate the transition of the institutions towards the cloud. The resulting cloud sphere and ecosystem is the ultimate stepping stone for the institutes towards the cloud.

Federations on the rise

Harold Teunissen

Open access and beyond

Harold Teunissen

The chasm of cyberinfrastructures

Harold Teunissen

The Cyber Infrastructure (CI) vision has been around for a couple of years. The development of such infrastructure requires a radical design philosophy and a foundation to build upon. It needs the development of an architecture that defines the components, their organizations and their interactions. Since the CI has an international scope and connections, this specification will as much as possible be done in international cooperation and leads to international standards and agreements. The main challenge of a CI is to provide an unified and standardized way for the composition of trustworthy, multi-domain and on-demand services for an international research group (or virtual organization). These services can be network resources, storage and HPC, but also collaboration tools for writing papers and exchanging research data. The CI demands a form of service orchestration where virtualization and management of services and resources in a distributed, heterogeneous environment is essential.

Dutch Cyberinfrastructure

Harold Teunissen

Collaborations Unleashed

Harold Teunissen

Collaboration is Happening

Harold Teunissen

Quantum Leap in Open Source Collaboration

Harold Teunissen

Fusion of bandwidth on demand and virtual organizationsHarold Teunissen

Enabling Dynamic Services with SURFconextHarold Teunissen

SURFconext - Collaboration without limit

Harold Teunissen

Community Clouds - Shared Infrastructure as a ServiceHarold Teunissen

Federaties in de praktijkHarold Teunissen

Cloud computing for dummiesHarold Teunissen

From Fiber to Wireless (and back) - Enablers for CollaborationHarold Teunissen

More from Harold Teunissen (20)

Surfing the data wave

Transformation in Higher Education using ICT

In de wolken - dat mag wat kosten?

Ontsourcing -

From Cubes to Spheres — The transition of higher education towards the cloud.

Federations on the rise

Open access and beyond

The chasm of cyberinfrastructures

Dutch Cyberinfrastructure

Collaborations Unleashed

Collaboration is Happening

Quantum Leap in Open Source Collaboration

Fusion of bandwidth on demand and virtual organizations

Enabling Dynamic Services with SURFconext

SURFconext - Collaboration without limit

Community Clouds - Shared Infrastructure as a Service

Federaties in de praktijk

Cloud computing for dummies

From Fiber to Wireless (and back) - Enablers for Collaboration

Recently uploaded

how to sell pi coins in South Korea profitably.

DOT TECH

Yes. You can sell your pi network coins in South Korea or any other country, by finding a verified pi merchant What is a verified pi merchant? Since pi network is not launched yet on any exchange, the only way you can sell pi coins is by selling to a verified pi merchant, and this is because pi network is not launched yet on any exchange and no pre-sale or ico offerings Is done on pi. Since there is no pre-sale, the only way exchanges can get pi is by buying from miners. So a pi merchant facilitates these transactions by acting as a bridge for both transactions. How can i find a pi vendor/merchant? Well for those who haven't traded with a pi merchant or who don't already have one. I will leave the what'sapp number of my personal pi merchant who i trade pi with. Message: +12349014282 VIA Whatsapp. #pi #sell #nigeria #pinetwork #picoins #sellpi #Nigerian #tradepi #pinetworkcoins #sellmypi

Tumelo-deep-dive-into-pass-through-voting-Feb23 (1).pdf

Henry Tapper

一比一原版(UCSB毕业证)圣芭芭拉分校毕业证如何办理

bbeucd

UCSB毕业证文凭证书【微信95270640】办理圣芭芭拉分校毕业证成绩单（Q微信95270640）毕业证学历认证OFFER专卖国外文凭学历学位证书办理澳洲文凭|澳洲毕业证,澳洲学历认证,澳洲成绩单澳洲offer,教育部学历认证及使馆认证永久可查 ,国外毕业证|国外学历认证,国外学历文凭证书 UCSB毕业证，UCSB毕业证，UCSB毕业证，UCSB毕业证，UCSB毕业证，UCSB毕业证，UCSB毕业证，专业为留学生办理毕业证、成绩单、使馆留学回国人员证明、教育部学历学位认证、录取通知书、Offer、【实体公司】办圣芭芭拉分校圣芭芭拉分校毕业证成绩单学历认证学位证文凭认证办留信网认证办留服认证办教育部认证（网上可查实体公司专业可靠） — — — 留学归国服务中心 — — - 【主营项目】一.圣芭芭拉分校毕业证成绩单使馆认证教育部认证成绩单等！二.真实使馆公证(即留学回国人员证明,不成功不收费) 三.真实教育部学历学位认证（教育部存档！教育部留服网站永久可查）四.办理各国各大学文凭(一对一专业服务,可全程监控跟踪进度) 国外毕业证学位证成绩单办理流程： 1客户提供圣芭芭拉分校圣芭芭拉分校毕业证成绩单办理信息：姓名生日专业学位毕业时间等（如信息不确定可以咨询顾问：我们有专业老师帮你查询）； 2开始安排制作毕业证成绩单电子图； 3毕业证成绩单电子版做好以后发送给您确认； 4毕业证成绩单电子版您确认信息无误之后安排制作成品； 5成品做好拍照或者视频给您确认； 6快递给客户（国内顺丰国外DHLUPS等快读邮寄）。专业服务请勿犹豫联系我！本公司是留学创业和海归创业者们的桥梁。一次办理终生受用一步到位高效服务。详情请在线咨询办理,欢迎有诚意办理的客户咨询!洽谈。招聘代理：本公司诚聘英国加拿大澳洲新西兰美国法国德国新加坡各地代理人员如果你有业余时间有兴趣就请联系我们咨询顾问：+微信:95270640田里逡巡一番抱起一只硕大的西瓜用石刀劈开抑或用拳头砸开每人抱起一大块就啃啃得满嘴满脸猴屁股般的红艳大家一个劲地指着对方吃吃地笑瓜裂得古怪奇形怪状却丝毫不影响瓜味甜丝丝的满嘴生津遍地都是瓜横七竖八的活像掷满了一地的大石块摘走二三只爷爷是断然发现不了的即便发现爷爷也不恼反而教山娃辨认孰熟孰嫩孰甜孰淡名义上是护瓜往往在瓜棚里坐上一刻饱吃一顿后山娃就领着阿黑漫山遍野地跑阿黑是一条黑色的大猎狗挺机灵的是山室

G20 summit held in India. Proper presentation for G20 summit

rohitsaxena882511

一比一原版(IC毕业证)帝国理工大学毕业证如何办理

conose1

IC毕业证文凭证书【微信95270640】一比一伪造帝国理工大学文凭@假冒IC毕业证成绩单+Q微信95270640办理IC学位证书@仿造IC毕业文凭证书@购买帝国理工大学毕业证成绩单IC真实使馆认证/真实留信认证回国人员证明如果您是以下情况，我们都能竭诚为您解决实际问题：【公司采用定金+余款的付款流程，以最大化保障您的利益，让您放心无忧】 1、在校期间，因各种原因未能顺利毕业，拿不到官方毕业证+微信95270640 2、面对父母的压力，希望尽快拿到帝国理工大学帝国理工大学毕业证学历书； 3、不清楚流程以及材料该如何准备帝国理工大学帝国理工大学毕业证学历书； 4、回国时间很长，忘记办理； 5、回国马上就要找工作，办给用人单位看； 6、企事业单位必须要求办理的；面向美国乔治城大学毕业留学生提供以下服务: 【★帝国理工大学帝国理工大学毕业证学历书毕业证、成绩单等全套材料，从防伪到印刷，从水印到钢印烫金，与学校100%相同】【★真实使馆认证（留学人员回国证明），使馆存档可通过大使馆查询确认】【★真实教育部认证，教育部存档，教育部留服网站可查】【★真实留信认证，留信网入库存档，可查帝国理工大学帝国理工大学毕业证学历书】我们从事工作十余年的有着丰富经验的业务顾问，熟悉海外各国大学的学制及教育体系，并且以挂科生解决毕业材料不全问题为基础，为客户量身定制1对1方案，未能毕业的回国留学生成功搭建回国顺利发展所需的桥梁。我们一直努力以高品质的教育为起点，以诚信、专业、高效、创新作为一切的行动宗旨，始终把“诚信为主、质量为本、客户第一”作为我们全部工作的出发点和归宿点。同时为海内外留学生提供大学毕业证购买、补办成绩单及各类分数修改等服务；归国认证方面，提供《留信网入库》申请、《国外学历学位认证》申请以及真实学籍办理等服务，帮助众多莘莘学子实现了一个又一个梦想。专业服务，请勿犹豫联系我如果您真实毕业回国，对于学历认证无从下手，请联系我，我们免费帮您递交诚招代理：本公司诚聘当地代理人员，如果你有业余时间，或者你有同学朋友需要，有兴趣就请联系我你赢我赢，共创双赢你做代理，可以帮助帝国理工大学同学朋友你做代理，可以拯救帝国理工大学失足青年你做代理，可以挽救帝国理工大学一个个人才你做代理，你将是别人人生帝国理工大学的转折点你做代理，可以改变自己，改变他人，给他人和自己一个机会美景更增添一份性感夹杂着一份纯洁的妖娆毫无违和感实在给人带来一份悠然幸福的心情如果说现在的审美已经断然拒绝了无声的话那么在树林间飞掠而过的小鸟叽叽咋咋的叫声是否就是这最后的点睛之笔悠然走在林间的小路上宁静与清香一丝丝的盛夏气息吸入身体昔日生活里的繁忙与焦躁早已淡然无存心中满是悠然清淡的芳菲身体不由的轻松脚步也感到无比的轻快走出这盘栾交错的小道眼前是连绵不绝的山峦浩荡天地间大自然毫无吝啬的展现它的达

WhatsPump Thriving in the Whirlwind of Biden’s Crypto Roller Coaster

muslimdavidovich670

Intro_Economics_ GPresentation Week 4.pptx

shetivia

在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样

5spllj1l

学校原件一模一样【微信：741003700 】《(GU毕业证书)美国贡萨加大学毕业证学历证书》【微信：741003700 】学位证，留信认证（真实可查，永久存档）原件一模一样纸张工艺/offer、雅思、外壳等材料/诚信可靠,可直接看成品样本，帮您解决无法毕业带来的各种难题！外壳，原版制作，诚信可靠，可直接看成品样本。行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题，包您满意。本公司拥有海外各大学样板无数，能完美还原。 1:1完美还原海外各大学毕业材料上的工艺：水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700 【主营项目】一.毕业证【q微741003700】成绩单、使馆认证、教育部认证、雅思托福成绩单、学生卡等！二.真实使馆公证(即留学回国人员证明,不成功不收费) 三.真实教育部学历学位认证（教育部存档！教育部留服网站永久可查）四.办理各国各大学文凭(一对一专业服务,可全程监控跟踪进度) 如果您处于以下几种情况： ◇在校期间，因各种原因未能顺利毕业……拿不到官方毕业证【q/微741003700】 ◇面对父母的压力，希望尽快拿到； ◇不清楚认证流程以及材料该如何准备； ◇回国时间很长，忘记办理； ◇回国马上就要找工作，办给用人单位看； ◇企事业单位必须要求办理的 ◇需要报考公务员、购买免税车、落转户口 ◇申请留学生创业基金留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才

Instant Issue Debit Cards - School Designs

egoetzinger

where can I find a legit pi merchant online

DOT TECH

Earn a passive income with prosocial investing

Colin R. Turner

Globalization (Nike) Presentation PPT Poster Infographic.pdf

VohnArchieEdjan

This presentation poster infographic delves into the multifaceted impacts of globalization through the lens of Nike, a prominent global brand. It explores how globalization has reshaped Nike's supply chain, marketing strategies, and cultural influence worldwide, examining both the benefits and challenges associated with its global expansion. PPrreesseenntteedd bbyy:: GGrroouupp 66 GGlloobbaalliizzaattiioonn o f PP oo ll yy ee ss tt ee rr RR uu bb bb ee rr EE tt hh yy ll ee nn ee VV ii nn yy ll AA cc ee tt aa tt ee GG ee nn uu ii nn ee LL ee aa tt hh ee rr SS yy nn tt hh ee tt ii cc LL ee aa tt hh ee rr CC oo tt tt oo nn C o u n t r i e s I n v o l v e d Ni k e h a s m o r e t h a n 7 0 0 s h o p s i n c o n t r a c t w i t h w o r l d w i d e, w h e r e i n t h e i r offi c e s a n d i n d e p e n d e n t fa c t o r y o u t l e t s a r e fo u n d w i t h i n t h e p r e m i s e s of ap p r o x i m a t e l y 4 5 c o u n t r i e s. AAuussttrraalliiaa China India IInnddoonneessiiaa TThhaaiillaanndd TTuurrkkeeyy USA VViieettnnaamm NNiikkee SSuuppppllyy CChhaaiinn RRuubbbbeerr,, FFaabbrriicc aanndd ootthheerr rraaww mmaatteerriiaallss Shoe MMaannuuffaaccttuurriinngg aanndd AAsssseemmbbllyy MMaarrkkeettiinngg SSppoorrttiinngg ggooooddss,, ddeevveellooppmmeenntt aanndd SShhooee ssttoorreess OOnnlliinnee,, CCaattaalloogg aanndd ootthheerr rreettaaiill NNiikkee bbrraannddeedd shoes PPrroodduucctt ddeevveellooppmmeenntt CCuussttoommeerr nneeeeddss//wwaannttss ffeeeeddbbaacckk NNiikk Nike Supply Chain Globalization of Nike Nike Manufacturing Process Rubber Materials Nike Ethylene Vinyl Acetate Nike Genuine Leather Nike Synthetic Leather Nike Cotton in Nike Apparel Nike Shops Worldwide Nike Manufacturing Countries Cold Cement Assembly Nike 3D Printing Nike Shoes Nike Product Development Nike Marketing Strategies Nike Customer Feedback Nike Distribution Centers Automation in Nike Manufacturing Nike Consumer Direct Acceleration Nike Logistics and Transport

1：1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样

qntjwn68

原版一模一样【微信：741003700 】【加拿大麦吉尔大学毕业证硕士学历证书】【微信：741003700 】学位证，留信认证（真实可查，永久存档）offer、雅思、外壳等材料/诚信可靠,可直接看成品样本，帮您解决无法毕业带来的各种难题！外壳，原版制作，诚信可靠，可直接看成品样本。行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题，包您满意。本公司拥有海外各大学样板无数，能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma 1:1完美还原海外各大学毕业材料上的工艺：水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700 留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才

An Overview of the Prosocial dHEDGE Vault works

Colin R. Turner

how to sell pi coins effectively (from 50 - 100k pi)

DOT TECH

Anywhere in the world, including Africa, America, and Europe, you can sell Pi Network Coins online and receive cash through online payment options. Pi has not yet been launched on any exchange because we are currently using the confined Mainnet. The planned launch date for Pi is June 28, 2026. Reselling to investors who want to hold until the mainnet launch in 2026 is currently the sole way to sell. Consequently, right now. All you need to do is select the right pi network provider. Who is a pi merchant? An individual who buys coins from miners on the pi network and resells them to investors hoping to hang onto them until the mainnet is launched is known as a pi merchant. debuts. I'll provide you the what'sapp number. +12349014282

when will pi network coin be available on crypto exchange.

DOT TECH

There is no set date for when Pi coins will enter the market. However, the developers are working hard to get them released as soon as possible. Once they are available, users will be able to exchange other cryptocurrencies for Pi coins on designated exchanges. But for now the only way to sell your pi coins is through verified pi vendor. Here is the what'sapp contact of my personal pi vendor +12349014282

一比一原版(GWU,GW毕业证)加利福尼亚大学|尔湾分校毕业证如何办理

obyzuk

GWU,GW毕业证录取书【微信95270640】一比一伪造加利福尼亚大学|尔湾分校文凭@假冒GWU,GW毕业证成绩单+Q微信95270640办理GWU,GW学位证书@仿造GWU,GW毕业文凭证书@购买加利福尼亚大学|尔湾分校毕业证成绩单GWU,GW真实使馆认证/真实留信认证回国人员证明全套服务：加利福尼亚大学|尔湾分校加利福尼亚大学|尔湾分校毕业证成绩单真实回国人员证明 #真实教育部认证。让您回国发展信心十足#铸就十年品质！信誉！实体公司！可以视频看办公环境样板如需办理真实可查可以先到公司面谈勿轻信小中介黑作坊！可以提供加利福尼亚大学|尔湾分校钢印 #水印 #烫金 #激光防伪 #凹凸版 #最新版的毕业证 #百分之百让您绝对满意印刷DHL快递毕业证 #成绩单7个工作日真实大使馆教育部认证1个月。为了达到高水准高效率请您先以qq或微信的方式对我们的服务进行了解后如果有加利福尼亚大学|尔湾分校加利福尼亚大学|尔湾分校毕业证成绩单帮助再进行电话咨询。国外毕业证学位证成绩单如何办理： 1客户提供办理信息：姓名生日专业学位毕业时间等（如信息不确定可以咨询顾问：我们有专业老师帮你查询）； 2开始安排制作加利福尼亚大学|尔湾分校毕业证成绩单电子图； 3毕业证成绩单电子版做好以后发送给您确认； 4毕业证成绩单电子版您确认信息无误之后安排制作成品； 5成品做好拍照或者视频给您确认； 6快递给客户（国内顺丰国外DHLUPS等快读邮寄）。口水苦涩无比山娃一边游泳一边念念不忘那元门票尤令山娃气愤的是泳池老板居然硬让父亲买了一大一小二条巴掌般大的裤衩衩走出泳池山娃感觉透身粘粘乎乎散发着药水味有点痒山娃顿时留恋起家乡的小河潺潺活水清凉无比日子就这样孤寂而快乐地过着寂寞之余山娃最神往最开心就是晚上无论多晚多累父亲总要携山娃出去兜风逛夜市流光溢彩人潮涌动的都市夜生活总让山娃目不暇接惊叹不已父亲老问山娃想买什么想吃什么山娃知道父亲赚钱很辛苦在

Instant Issue Debit Cards - High School Spirit

egoetzinger

Pensions and housing - Pensions PlayPen - 4 June 2024 v3 (1).pdf

Henry Tapper

2. Elemental Economics - Mineral demand.pdf

Neal Brewster

After this second you should be able to: Explain the main determinants of demand for any mineral product, and their relative importance; recognise and explain how demand for any product is likely to change with economic activity; recognise and explain the roles of technology and relative prices in influencing demand; be able to explain the differences between the rates of growth of demand for different products.

Recently uploaded (20)

how to sell pi coins in South Korea profitably.

Tumelo-deep-dive-into-pass-through-voting-Feb23 (1).pdf

一比一原版(UCSB毕业证)圣芭芭拉分校毕业证如何办理

G20 summit held in India. Proper presentation for G20 summit

一比一原版(IC毕业证)帝国理工大学毕业证如何办理

WhatsPump Thriving in the Whirlwind of Biden’s Crypto Roller Coaster

Intro_Economics_ GPresentation Week 4.pptx

在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样

Instant Issue Debit Cards - School Designs

where can I find a legit pi merchant online

Earn a passive income with prosocial investing

Globalization (Nike) Presentation PPT Poster Infographic.pdf

1：1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样

An Overview of the Prosocial dHEDGE Vault works

how to sell pi coins effectively (from 50 - 100k pi)

when will pi network coin be available on crypto exchange.

一比一原版(GWU,GW毕业证)加利福尼亚大学|尔湾分校毕业证如何办理

Instant Issue Debit Cards - High School Spirit

Pensions and housing - Pensions PlayPen - 4 June 2024 v3 (1).pdf

2. Elemental Economics - Mineral demand.pdf

DDOS – a Nuisance or Threat?

2. Serving Dutch research & education DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 2

3. SURF as umbrella • All ICT activities for Higher Education and Research in the Netherlands are under the SURF umbrella DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 3 Scientific Computing & Big Data Commercial ICT Products & Services National Research & Education Network eScience Collaboration and Tools

4. Absolute awareness DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 4

5. We take security serious DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 5

6. Vision DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 6

7. Immunity DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 7

8. Level of protection DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 8

9. Security & Privacy Program SAFE AND SECURE ENVIRONMENT DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 9 AWARENESS STANDARDS FREE INTERNET COMMUNITIES SERVICES

10. What do we see? FAIR SHARE? DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 10 Universities Attacks Attacks Vocational Education High Attacks Schools

11. Regular user DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 11 DUTCH PUBLIC BROADCASTER

12. Regular user DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 12 DUTCH PUBLIC BROADCASTER Winter Olympics World Cup Soccer

13. Regular user DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 13 DUTCH PUBLIC BROADCASTER MH17

14. Not every spike is an attack A Large University DDOS Astronomers DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 14

15. What do we see? • DDoS attacks mostly directed against schools • Majority are Bandwidth Denial-of-Service attacks - Usually some form of amplification, mostly NTP, DNS, CharGen, we also now see some UPnP based stuff • Not every traffic spike is an attack - Monitor for anomalous events (e.g. excess UDP/ICMP traffic) - Manual analysis by our CSIRT • Attacks in Tens-of-Gigabits order of magnitude • Many attacks rely on “DDoS-for-Hire” a.k.a. Booters and are often inside jobs DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 15

16. Keep your friends close... •We were monitoring for a particular attack (because it abused some of our infrastructure) •One of our customers appeared in a list of spoofed IP addresses for this particular attack •And was the victim of a number of DDoS attacks •The timing of the attacks was rather suggestive... Always during school hours! •Let’s have a look at what the school found DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 16

17. Let’s see what happens if... •The external NAT IP address is changed –Will the attack follow? •We look at the time lines –Comparing attack times against class schedule •We ask teachers about suspicious behaviour –Are there signs that the culprit is among the students? •Policy-Based Routing (PBR) –Giving a suspected class a different external IP address DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 17

18. Caught after bragging DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 Courtesy: Graafschap College 18

19. Is this a problem? • If an attack originates from our network that is very bad — we have big pipes… • The example inside job caused 1000s of students and 100s of staff to go home because they could no longer work • Students need to learn that they are committing a criminal offense DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 19

20. What do we do? • Our CSIRT keeps vigil 24x7 • We constantly monitor our and our constituency’s infrastructure for abuse - Concerted efforts to combat e.g. open DNS resolvers and vulnerable NTP servers • We report criminal offenses to the authorities and encourage our constituency to do so too - We collaborate with law enforcement and the public prosecutor’s office • We (pre-)wash traffic - using rate limiting, filters, … DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 20

21. Cybersave Yourself DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 21

22. Research • We actively collaborate with academic groups and non-profit organisations on DDoS research • Study on “DDoS-for-Hire” services • Support DDoS Defense research • Legal expert opinions on e.g. botnet take-downs • Share operational network data with researchers and develop policy for ethical data sharing • Software Defined Security DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 22

23. Upcoming Services • Protection as a Service a.k.a. DIY Cyber Laundry • Centralised firewall • Pentesting • Maturity scans and auditing (ISO2700x) • Security games DDOS Nuisance or Threat — TECHEX14— Indianapolis, IN — October 2014 23

24. harold.teunissen@surfnet.nl haroldteunissen

DDOS – a Nuisance or Threat?

Recommended

Recommended

More Related Content

Similar to DDOS – a Nuisance or Threat?

Similar to DDOS – a Nuisance or Threat? (20)

More from Harold Teunissen

More from Harold Teunissen (20)

Recently uploaded

Recently uploaded (20)

DDOS – a Nuisance or Threat?