Denial of Service (DoS) attacks, or Distributed Denial of Service (DDoS) attacks, have been around for many years, but only in the past few years have the frequency and magnitude of these attacks increased. They are a significant problem because they can shut an organization off from the Internet for extended periods of time and little can be done to stop them. DoS attacks occur when computer resources become unavailable to legitimate users after being exhausted by false requests for information (Houle and Weaver 1).
This research paper is a comprehensive look at DoS attacks, including information about their history and development, how to detect them, and what measures should be taken to prevent large amounts of damage.
History
The first documented DoS activity dates back to 1999. The methods and vulnerabilities are constantly changing, but the result is always the same. The following are some of the more important events:
1999
July: Widespread deployment of DDoS attacks based on a tool known as "trinoo" via various RPC-related vulnerabilities. Many of the initial deployments were done manually, with intruders carefully testing and selecting hosts.
August: New DDoS tool known as Stacheldraht found in isolated incidents. Program added encrypted communications between the attacker and host systems.
December: Program known as Tribe Flood Network 2000 (TFN2K) was released and included features designed to make attack traffic more difficult to detect and trace.
2000
February: The now infamous DDoS attacks against websites like Yahoo, eBay, CNN, and eTrade took place, leaving the sites offline for hours.
April: Packet amplification attacks using nameservers became popular.
August: The Trinity DDoS tool...
... middle of paper ...
...extenuating TCP SYN flood attacks.
IPv6: the next version of IP, already implemented in some of the newest Internet-ready devices. IPSEC and congestion control (ECN) functionality are already put into service. Increased address space will decrease the effectiveness of attacks scanning for vulnerable machines.
Conclusion
Sites can never be 100 percent safe if they are connected to the Internet. The ideal system is up to date on patches, has a firewall, is monitored, has all unneeded services disabled, and has up-to-date antivirus software installed. The ideal site also has an incident response capability and knowledgeable staff. Unfortunately, the Internet is a highly interdependent world. There is no silver bullet to stop DoS attacks or vaccine to prevent them, but increasing awareness is the first step to successfully combating the problem.
Unfortunately, hacktivists that were threatening DTL Power managed to penetrate our defenses and take over part of our system. This threat actor was not in our system for a long period of time but was still able to affect the uptime of our system.
It seems that the website the college has deployed has become a target of a DoS attack or other malware attacks. To help resolve the issue, it is highly critical to implement a trace route to see if all networks are intact and no network has been compromised. Next step would be to install anti-malware, anti-spyware as well as firewalls to help protect against the attacks. Other steps that could be implemented to protect against the attack would be to implement strong and lengthy passwords, even consider encrypting the passwords since it correlates to sensitive data. Other safe practices that can be looked into are security access control measures where students and faculty have inside exposure to the website or in other words to be able to read/write and outsiders just have limited input.
At this juncture, it may be somewhat difficult to accept the proposition that a threat to the telecommunications grid, both wired and wireless, in the United States could potentially be subject to a catastrophic cyber attack. After careful research on the subject, it appears the potentiality of an event of such magnitude, which either disrupts one or the other grids for a long period or destroys either, is both theoretically and realistically impossible. It may be that proponents—those who advance such theories—equate such “doomsday” scenarios as if a cyber attack would or could be of the same magnitude as a conventional or nuclear military strike. Terms such as “cyber Pearl Harbor,” “cyber 9/11” and “cyber Vietnam” have been used to describe potential catastrophic cyber attacks and yet, “Though many have posited notions on what a ‘real’ cyber war would be like, we lack the understanding of how such conflicts will be conducted and evolve.” (Rattray & Healey, 2010, p. 77). Yet, the U.S. government continues to focus on such events, as if the plausibility of small-scale cyber attacks were not as pressing.
This essay answers two questions. Question one is to describe the methods and tools used in scanning and enumerating system and network targets and how one can use the results during the rest of the penetration test. The second question concerns what is the favorite tool that this student learned about in this class, how one uses it and an explanation of why and how it enhances one’s ability to conduct a penetration test.
It seems that DoS attacks and other forms of cyber attacks are not under Computer Misuse Act legislation (misinformation and ignorance from many sources, such as some websites of IT security specialists), but after consultation with an international law firm that doubt was resolved, and the Computer Misuse Act encompasses a wide range of activities including DoS attacks.
The Aim Higher College’s system administrators and network engineers have described seeing some strange behaviors, such as high levels of traffic from many hosts that are causing system outages. The web servers of the college have been shut down frequently by this traffic; it must be from a hacker group trying to attack the school with malicious software. I will review the network traffic from the college’s intrusion detection system and use an intrusion prevention system to block off these threats from the hackers.
Without proper protection, any part of any network can be susceptible to attacks or unauthorized activity. Routers, switches, and hosts can all be violated by professional hackers and company competitors. In fact, according to several studies, more than half of all network attacks are waged internally. To determine the best ways to protect against attacks, we should understand the many types of attacks that can be instigated and the damage that these attacks can cause to data. The most common types of attacks include Denial of Service (DoS), password, an...
2. How vulnerable is your company to a denial of service (DoS) attack or intrusion? What should be done about such vulnerabilities?
There are numerous network security devices and tools available to aid in computer network defense, and these tools are often relied upon for protecting against increasingly sophisticated, stealthy, and damaging attacks. When acting alone, the current generation of security devices has an exceedingly difficult time providing an effective defense against such threats, and the situation is particularly grim for targeted or novel attacks.
Within the last decade, the internet has proven to be the most efficient way to complete tasks in today’s society. Every major business in today’s society relies on the internet to conduct business. Though the internet is a useful tool, our reliance on it opens the door for cyber-attacks that can be detrimental to business as a whole. One example of cyber-attacks that have recently become more prevalent is DDoS attacks. Recently, DDoS attacks have been a rising issue for business owners who run their own servers, such as video game companies and other high-profile web servers, including banks and other credit card payment gateways.
Many nations in the world - the United States, China, Russia, Iran, Germany, and more - use cyber warfare as a method of conducting sabotage and espionage. Nations, such as China and Russia, use espionage in order to prevent their economy and their military technology from falling behind by stealing advanced nations’ technology. Other nations, including Israel and Iran, focus on sabotaging other nations to cripple them, by sending malware that destroys important data on the system, keeping them from advancing their technology and costing them a decent amount of money due to repairs. Another popular cyber attack used, mainly by hacktivists, government-sympathetic groups not owned by the government, and nations less advanced in technology, is Denial-of-service, or DoS. DoS is used to hinder the target’s website and other things that are maintained by computers by making them unavailable to intended users. People argue there are no benefits to cyber warfare due to its potential destructive powers and instant process of destruction, while other people, looking from a different view, find that cyber warfare does have its benefits. They argue that an important benefit is that cyber warfare takes place in cyber space, meaning that it does not physically harm people. They also argue that cyber warfare draws the awareness of the nation to the ever-increasing dangers of cyber warfare and forces the government to set up stronger cyber security to fend off international attacks, which also helps protect the government from internal hackers. It also creates more jobs for hackers, who use their knowledge to increase the security instead of harming it. Although cyber warfare produces damaging effects on a nation, in the long run, it crea...
If you are considering using the Internet for a service that is absolutely time- or mission-critical, you should consider your fallback position in the event that the network is down or damaged. Microsoft has released hotfixes that address certain types of denial-of-service attacks such as SYN Flooding and giant Ping packets. Be sure to regularly watch for new Service Packs, because they offer new security enhancements that you should put on your systems.
The only countermeasure taken so far that has been revealed is that the 300 Internet addresses were shut down in May 2010. The very recent public notification of this cyber-attack will continue to unfold, and newly implemented strategies to prevent a recurrence remain to be seen. As a patriot of this great nation, what has been presented is of extreme, if not grave, concern. The challenges of cyberculture to our nation’s security have been revealed. To what extent our security has been breached is a matter of speculation, but be informed that these breaches must be met with complete counter-active success - failure to do so is not an option.
This project was originally conducted under the Advanced Research Projects Agency to counteract the USSR’s launch of the Sputnik. After the creation it had been called the Arpanet, and would be used specifically for government networks until the early 90’s. In 1990 the World Wide Web had been created as an online public network for everyday civilians to use.