Denial of Service Flashcards

1
Q

Denial of service

A
  • Force a service to fail
    • Overload the service
  • Take advantage of a design failure or vulnerability
    • Keep your systems patched!
  • Cause a system to be unavailable
    • Competitive advantage
  • Create a smokescreen for some other exploit
    • Precursor to a DNS spoofing attack

  • Doesn’t have to be complicated - Turn off the power

2
Q

A “friendly” DoS

A
  • Unintentional DoSing - It’s not always a ne’er-do-well
  • Network DoS - Layer 2 loop without STP

  • Bandwidth DoS
    • Downloading multi-gigabyte Linux distributions over a DSL line
  • The water line breaks - Get a good shop vacuum

3
Q

Distributed Denial of Service (DDoS)

A
  • Launch an army of computers to bring down a service
    • Use all the bandwidth or resources - traffic spike

  • This is why the bad guys have botnets
    • Thousands or millions of computers at your command
    • At its peak, Zeus botnet infected over 3.6 million PCs
    • Coordinated attack
  • Asymmetric threat
    • The attacker may have fewer resources than the victim

4
Q

DDoS amplification

A
  • Turn your small attack into a big attack
    • Often reflected off another device or service
  • An increasingly common DDoS technique
    • Turn Internet services against the victim

  • Uses protocols with little (if any) authentication or checks
    • NTP, DNS, ICMP
    • A common example of protocol abuse
