Distributed Denial Of Service Introduction

•

1 like•1,222 views

Distributed Denial of Service (DDoS) attacks overwhelm servers or networks by flooding them with malicious traffic. This document provides an overview of DDoS attacks including a brief history highlighting major attacks from 2002 to 2012, descriptions of different types of attacks at the network and application levels, terminology used in DDoS attacks such as nodes and command-and-control servers, examples of amplification techniques using XML entities, and recommendations for protection, incident response, and next steps to improve security.

Technology

Distributed Denial of Service attacks
(DDoS)

101

AGENDA
ry
to

is
H

Pr
o
What is it?

Next
Step
s

Ba

sic
te
ct
ion

ed
nc
va
ion
Ad
ct
te
ro
P

s
ple
m
Exa

DNS root servers
attacked

2002

DNS
attacks
Estonia
attacks

2007

commercial
targets

2010

2012

t?
is i
hat
W

too many requests...can t handle
* this actually happened at a CCC congress in Berlin

t?
is i
hat
W

L2

application

L2

infrastructure
L1

backup
infrastructure
L1

Level 1 : Network-based (D)DoS
Level 2 : Application-level (D)DoS
Level 2 : Economic (D)DoS
Process (D)DoS

L2

t?
is i
hat
W

c

c

c

c

c
c

c

c

c

c

c
c

c

c

some terminology:
•node
•command&control
•recruitment
•attrition
•rate of growth/decay:

@

L1
infrastucture
main

s

s

backup

s

s

s

s

t?
is i
hat
W

L2
application

db server

server

db

web

server

db

<?xml version="1.0"?>
<!DOCTYPE lolz [
<!ENTITY lol "lol">
<!ENTITY lol2 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
<!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
<!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
<!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;">
<!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;">
<!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;">
<!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;">
<!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">
]>
<lolz>&lol9;</lolz>

app
app

c
asi
B
tion
ec
rot
P

c

c

c

c

c
c

c

c

c

c

c
c

c

c

CDN

@

content
distribution
network

+ no hardware limitations
+ no bandwidth limits
+ intelligence

ISP
main

ON
PREMISE

backup

s

s
s

s

- hardware limitations
+ (some) control over
bandwidth
+ increased ‘intelligence’

s
s

- hardware limitations
- no control over bandwidth
- limited ‘intelligence’

d
nce
dva
A
tion
ec
rot
P

Web Application Firewall

db server

server

web

server

db
db

app

secure
conﬁg

secure
conﬁg

- cloud
- devops

centralized
mgmt

secure conﬁg
app

SDLC

secure
conﬁg

DN

L
SS

S

d
nce
dva
A
tion
ec
rot
P

APP

XML

t
Nex
?
eps
St

process

Incident
Response

• Prepare
• Integrate service providers
• “know your enemy”

During
an attack

• Containment
• Communications
• Business Continuity

After
the attack

• Return to normal operations
• lessons learned
• forensics

t
Nex
?
eps
St

quick wins
★ Build standard security components
★ encryption
★ AuthN/AuthZ
★ Logging
★ Input/Output validation
★ ...
★ Automate standardized processes (leverage tech)
★ deployment (including vuln scanning)
★ load balancing

some terminology:
•node
•a computer

recruited to the botnet and controlled
by the botnet owner.
•command&control (C2)
•a central authority controlling the botnet, providing
the nodes with instructions.
•recruitment
•the methods used by the botnet owner to add nodes
to his botnet.
•attrition
•the loss of nodes from the botnet.
•rate of growth/decay: size + recruitment - attrition

As a CISO, you have been asked why you can't just trust your employees to do the right thing. What benefit to the business comes from technical security controls? You have likely been asked to reduce risk and action every funded project at once. In this session, we will realistically consider which projects can reduce risk most quickly, which layers of security are most important, and how things like privilege management, vulnerability control, over-communicating, and simply reducing the attack surface can bring peace of mind and actual direct improvements to your information security posture.

Developers are from Mars, Security guys are from Venus

Xavier Mertens

Two enormous challenges face IT departments of all sizes and industries—hardening systems against increasingly sophisticated cyber threats, and being compliant with regulations. Fortunately, there's a single solution for both: Security Configuration Management (SCM) and there's a smart, easy way to learn all about it. This slide deck corresponds to the following webcast: - http://www.tripwire.com/register/scm-for-dummies/ In this presentation, we outline how to: - Harden systems against attack, - Rapidly repair configuration drift, and - Provide objective and actionable assessments of your organization’s security and compliance postures.

RDF and other linked data standards — how to make use of big localization data

Dave Lewis

The RMF: New Emphasis on the Risk Management Framework for Government Organiz...

Tripwire

The realities of security, compliance and IT Operations are forcing Federal organizations to rethink risk management. The Risk Management Framework (RMF), created by the DoD, provides a solid foundation for security program design and FISMA compliance that can help reduce risk in your environment. Federal Security and Compliance Expert Sean Sherman and Tripwire Senior Systems Engineer Steven Tipton discuss: · The RMF process and requirements · Pragmatic advice on getting started with RMF · How Tripwire solutions fit into each step of the RMF process Join us for an in-depth look at NIST-RMF and its cost effective organizational benefits.

Data security brian honan

Brian Honan

The dark side of the internet

Brian Honan

Evolving legacy to microservices and ddd

Marcos Vinícius

Nessa palestra contamos a experiência em evoluir um sistema de um grande cliente dos EUA da área de healthcare, que processa milhões de registros de produtos hospitalares. Partindo de um legado com base de dados caótica e códigos incompreensíveis, nossa responsabilidade foi aumentar a capacidade do sistema e ao mesmo tempo transformar sua arquitetura monolítica numa arquitetura com microservices – usando Domain-Driven Design, APIs REST, Java funcional e técnicas de Continuous Delivery. Contamos essa experiência destacando os passos para refatorar uma arquitetura tradicional para Domain-Driven Design, os benefícios do DDD, e como se pode, com pequenos passos, organizar o código na direção de microservices. Mostramos os benefícios que microservices trouxeram nesse projeto e como ajudam a baixar custos. E investigamos benefícios para implementar um design funcional, incluindo prevenção de bugs, redução de inconsistências de estados e aumento de legibilidade de código. Ao assistir essa palestra você irá enxergar como é possível migrar de um cenário caótico para um mais seguro e evolutivo – e também se inspirar em nossa experiência para aplicar mudanças nos seus sistemas legados.

Don't DYI your VDI: The Cloud-Hosted Desktop Goes Mainstream

Datapipe

IT Architecture and Architects

AndreDovgal1

reggieresumeReginald L. Jones

Your App is been deployed behind the Firewall! Now What?

Dennis Reumer

F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...

F5 Networks

[db tech showcase Tokyo 2015] C16:Oracle Disaster Recovery at New Zealand sto...Insight Technology, Inc.

IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...

IRJET Journal

Case Project 12-2 Devising an AD DS Design with RODC, AD RMS, and A.pdf

Amansupan

Carbon Factors manufactures emission detectors and employs a job-order costing system. During June, the company’s transactions and accounts included the following Raw materials purchased $265,000 Direct materials used in production 262,000 Raw materials inventory, beginning 4,200 Corporate administrative costs 21,400 Selling expenses 18,500 Sales 334,000 Total manufacturing overhead applied 39,200 Total manufacturing overhead incurred 38,100 Finished goods, beginning 17,200 Work in process inventory, beginning 13,700 Work in process inventory, ending 15,600 Direct labor cost incurred 48,000 Finished goods, ending 16,300 How much is cost of goods manufactured for June? Show all your computations. Solution Direct materials used in production $ 262,000 Direct labor cost incurred $ 48,000 Total manufacturing overhead incurred $ 38,100 Add: Work in process inventory, beginning $ 13,700 Less: Work in process inventory, ending $ 15,600 Cost ofgoods manufactured $ 346,200.

DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoS

Andris Soroka

DDS: The data-centric future beyond message-based integration

Gerardo Pardo-Castellote

VMworld 2013: Turbo Charge Your VMware Horizon Deployments

VMworld

Fl@World™ overview presentation

John Dobbin

Dale E Shell Jr ResumeDale Shell

Admin Tech Ed Presentation Hardening Sql Serverrsnarayanan

Viewers also liked

Yet Another Dan Kaminsky Talk (Black Ops 2014)

Dan Kaminsky

The InfoSec Avengers

Tripwire

Security Configuration Management for Dummies

Tripwire

RDF and other linked data standards — how to make use of big localization data

Dave Lewis

The RMF: New Emphasis on the Risk Management Framework for Government Organiz...

Tripwire

Data security brian honan

Brian Honan

The dark side of the internet

Brian Honan

Viewers also liked (7)

Yet Another Dan Kaminsky Talk (Black Ops 2014)

The InfoSec Avengers

Security Configuration Management for Dummies

RDF and other linked data standards — how to make use of big localization data

The RMF: New Emphasis on the Risk Management Framework for Government Organiz...

Data security brian honan

The dark side of the internet

Similar to Distributed Denial Of Service Introduction

Evolving legacy to microservices and ddd

Marcos Vinícius

Don't DYI your VDI: The Cloud-Hosted Desktop Goes Mainstream

Datapipe

IT Architecture and Architects

AndreDovgal1

reggieresumeReginald L. Jones

Your App is been deployed behind the Firewall! Now What?

Dennis Reumer

F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...

F5 Networks

[db tech showcase Tokyo 2015] C16:Oracle Disaster Recovery at New Zealand sto...Insight Technology, Inc.

IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...

IRJET Journal

Case Project 12-2 Devising an AD DS Design with RODC, AD RMS, and A.pdf

Amansupan

DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoS

Andris Soroka

DDS: The data-centric future beyond message-based integration

Gerardo Pardo-Castellote

VMworld 2013: Turbo Charge Your VMware Horizon Deployments

VMworld

Fl@World™ overview presentation

John Dobbin

Dale E Shell Jr ResumeDale Shell

Admin Tech Ed Presentation Hardening Sql Serverrsnarayanan

Reply 1 neededThere are a couple of options available when upg.docx

sodhi3

Reply 1 needed There are a couple of options available when upgrading from Server 2008 (R2) to Server 2012. The first and easiest option is a clean install. In this option, data must first be backed up as this will delete the previous OS and install the new version. The second option is a standard upgrade. This option preserves all the server roles currently in place as well as the hardware being used. (Microsoft, n.d). Some limitations to consider when upgrading are as follows: -Windows Server 2012 only supports 64-bit hardware -Upgrade from one language to another is not supported -Upgrading to certain editions are dependent on the previous OS you are running. -Some roles that are previously installed may not work properly and may need additional upgrades. I would recommend a clean install to avoid any issues that may develop during or after an in-place upgrade. I think that it would be more difficult to troubleshoot a standard upgrade failure than a clean install. Clean install may also alleviate the issues of previous application not working properly and may solve any current issues the server maybe experiencing. Reference: Microsoft. (n.d). Windows Server Installation and Upgrade. Retrieved from: https://technet.microsoft.com/en-us/windowsserver/dn527667.aspx Reply 2 needed Server Core is good for a very large enterprise environment. In this kind of environment, where hundreds of servers are employed, it is not ideal for the administrator to go to the individual server and manage them locally. Most of these configurations would be run through scripts and remote administrator tools, therefore, server core should be utilized. Some roles that I would install are active directory which handles network management of users data and security. Another would be Hyper-V which consolidates multiple servers into one single system. Other roles that could be used with server core includes DNS, DHCP, File Services, Print Services, Streaming Media Services, Web Server. (Microsoft, n.d). There are several advantages of using Server Core. One advantage would be security. Since server core has less services running on it, there are fewer possible of malicious attacks. It has greater stability since it requires less processes and services fewer things can go wrong. It also has a smaller footprint and requires fewer resources such as RAM as compared to using a full GUI. The disadvantages of Server Core is it has a steep learning curve and is limited to nine server roles Reference: Microsoft. (n.d). Why is Server Core Useful? Retrieved from: https://msdn.microsoft.com/en-us/library/dd184076.aspx Reply 1 needed When migrating from Windows Server 2008 to Windows Server 2012, the system requirements remain unchanged. Some features such as virtual domain controller cloning require that the PDC emulator run Windows Server 2012 and a computer running Windows Server 2012 with the Hyper-V role installed. Here are some big issues to keep in mind ...

Escalation defenses ad guardrails every company should deploy

David Rowe

Data vault: What's Next

Empowered Holdings, LLC

Final PresentationCurtis Lescalleet

R u hacked

Sumedt Jitpukdebodin

Similar to Distributed Denial Of Service Introduction (20)

Evolving legacy to microservices and ddd

Don't DYI your VDI: The Cloud-Hosted Desktop Goes Mainstream

IT Architecture and Architects

reggieresume

Your App is been deployed behind the Firewall! Now What?

F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...

[db tech showcase Tokyo 2015] C16:Oracle Disaster Recovery at New Zealand sto...

IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...

Case Project 12-2 Devising an AD DS Design with RODC, AD RMS, and A.pdf

DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoS

DDS: The data-centric future beyond message-based integration

VMworld 2013: Turbo Charge Your VMware Horizon Deployments

Fl@World™ overview presentation

Dale E Shell Jr Resume

Admin Tech Ed Presentation Hardening Sql Server

Reply 1 neededThere are a couple of options available when upg.docx

Escalation defenses ad guardrails every company should deploy

Data vault: What's Next

Final Presentation

R u hacked

Recently uploaded

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

Neo4j

Leonard Jayamohan, Partner & Generative AI Lead, Deloitte This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

The Future of Platform Engineering

Jemma Hussein Allen

GridMate - End to end testing is a critical piece to ensure quality and avoid...

ThomasParaiso2

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

Free Complete Python - A step towards Data Science

RinaMondal9

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

Paige Cruz

Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack. While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack. I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

DevOps and Testing slides at DASA Connect

Kari Kakkonen

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

Recently uploaded (20)

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

The Art of the Pitch: WordPress Relationships and Sales

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

Introduction to CHERI technology - Cybersecurity

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Epistemic Interaction - tuning interfaces to provide information for AI support

Climate Impact of Software Testing at Nordic Testing Days

The Future of Platform Engineering

GridMate - End to end testing is a critical piece to ensure quality and avoid...

FIDO Alliance Osaka Seminar: Overview.pdf

Free Complete Python - A step towards Data Science

PHP Frameworks: I want to break free (IPC Berlin 2024)

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

Monitoring Java Application Security with JDK Tools and JFR Events

DevOps and Testing slides at DASA Connect

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

Essentials of Automations: The Art of Triggers and Actions in FME

Distributed Denial Of Service Introduction

1. Distributed Denial of Service attacks (DDoS) 101

2. AGENDA ry to is H Pr o What is it? Next Step s Ba sic te ct ion ed nc va ion Ad ct te ro P

3. s ple m Exa DNS root servers attacked 2002 DNS attacks Estonia attacks 2007 commercial targets 2010 2012

4. t? is i hat W too many requests...can t handle * this actually happened at a CCC congress in Berlin

5. t? is i hat W L2 application L2 infrastructure L1 backup infrastructure L1 Level 1 : Network-based (D)DoS Level 2 : Application-level (D)DoS Level 2 : Economic (D)DoS Process (D)DoS L2

6. t? is i hat W c c c c c c c c c c c c c c some terminology: •node •command&control •recruitment •attrition •rate of growth/decay: @ L1 infrastucture main s s backup s s s s

7. t? is i hat W L2 application db server server db web server db <?xml version="1.0"?> <!DOCTYPE lolz [ <!ENTITY lol "lol"> <!ENTITY lol2 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;"> <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;"> <!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;"> <!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;"> <!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;"> <!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;"> <!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;"> <!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;"> ]> <lolz>&lol9;</lolz> app app

8. c asi B tion ec rot P c c c c c c c c c c c c c c CDN @ content distribution network + no hardware limitations + no bandwidth limits + intelligence ISP main ON PREMISE backup s s s s - hardware limitations + (some) control over bandwidth + increased ‘intelligence’ s s - hardware limitations - no control over bandwidth - limited ‘intelligence’

9. d nce dva A tion ec rot P Web Application Firewall db server server web server db db app secure config secure config - cloud - devops centralized mgmt secure config app SDLC secure config

10. DN L SS S d nce dva A tion ec rot P APP XML

11. t Nex ? eps St process Incident Response • Prepare • Integrate service providers • “know your enemy” During an attack • Containment • Communications • Business Continuity After the attack • Return to normal operations • lessons learned • forensics

12. t Nex ? eps St quick wins ★ Build standard security components ★ encryption ★ AuthN/AuthZ ★ Logging ★ Input/Output validation ★ ... ★ Automate standardized processes (leverage tech) ★ deployment (including vuln scanning) ★ load balancing

13. Q&A

14. some terminology: •node •a computer recruited to the botnet and controlled by the botnet owner. •command&control (C2) •a central authority controlling the botnet, providing the nodes with instructions. •recruitment •the methods used by the botnet owner to add nodes to his botnet. •attrition •the loss of nodes from the botnet. •rate of growth/decay: size + recruitment - attrition

Distributed Denial Of Service Introduction

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (7)

Similar to Distributed Denial Of Service Introduction

Similar to Distributed Denial Of Service Introduction (20)

More from wremes

More from wremes (20)

Recently uploaded

Recently uploaded (20)

Distributed Denial Of Service Introduction