DIFFUSING DENIAL OF SERVICE
- Jessie Carter
- 8 years ago
DDoS attacks are proving increasingly catastrophic. The paper covers common attack techniques and what organisations can do to avert them.
Table of contents
Abstract
Introduction
Who is at risk?
Why are these attacks so difficult to detect and prevent?
Types of DDoS Attacks
How to block / mitigate DDoS attacks?
Deploying DDoS Prevention Devices in Premises
DDoS Prevention at Edge Level
DDoS Response Model for Enterprises
Conclusion
Reference 1
About GIS
Abstract:
The proliferation of internet connectivity has expanded markets and reduced the inefficiencies associated with doing business across borders. With increasing broadband penetration in emerging markets, services can be delivered to customers from anywhere in the world. While globalization has expanded the possibilities for a business, this increased reach and access have at the same time created many challenges for enterprises. A significant one today is the vulnerability to external attacks. High malware infection rates are common. When malware-infected computers are taken over by centralized command-and-control servers, botnets are created which can be used by parties with malicious intentions to disrupt the service of a competitor. Global botnets are currently using Distributed Denial of Service (DDoS) attacks to sabotage web services or a specific server. This paper talks about the different types of DDoS attacks and presents an approach to a DDoS protection strategy that empowers enterprises to better respond to such attacks and mitigate their impact on operations.

Introduction:
China and the United States, the two biggest economies in the world, are the victims of significant DDoS attacks on a daily basis. Over the last few years, the scope, nature and magnitude of DDoS attacks have only intensified. The Prolexic Quarterly Global DDoS Attack Report (Q1 2013) reveals that the number of attacks rose by 21 percent in Jan-Mar 2013 compared to Q Also, the duration of DDoS attacks grew to 34.5 hours from 28.5 hours while average attack bandwidth increased to a staggering Gbps from 6.1 Gbps in Q This places emerging markets under severe threat as they are characterized by inadequate client control. To emphasize the severity of these attacks, some examples are pertinent.
A Hong Kong based provider of sophisticated trading platforms had to deal with the aftermath when one of its UK based clients, a brokerage operating in the London financial district using its proprietary trading technology, was targeted by a wave of DDoS attacks. The Hong Kong based trading platform provider was unable to provide access to its application platforms, leading to disruption of trading services. The company subsequently implemented a DDoS mitigation program to avoid further downtime and financial losses.

In another instance, an ecommerce company became the victim of a GET flood attack that lasted for two weeks during its busiest season. The attackers used the circuit between the ecommerce site and the internet service provider to launch the attack. As part of its efforts to protect itself from such attacks and avert business downtime, the company had implemented a DDoS mitigation strategy.

Clearly, having a DDoS mitigation program in place is a key business imperative for enterprises to avoid loss of customer confidence and customer defection, and to prevent adverse impact on revenue and profitability.
Who is at risk?
DDoS is a favorite ploy of attackers to shut down organizations at their whims and fancies. Not long ago, DDoS attacks were mainly targeted at household names and other obvious targets, but today any organization with money to lose, political interests or active enemies is susceptible to such attacks. In fact, anyone is a potential target! Based on our experience, we have found that some industries such as banking and financial services, internet service providers, internet data centers, cloud service providers and ecommerce are more vulnerable to DDoS attacks than others.

The banking and financial services sector, characterized by large volumes of transactions, data and traffic, is especially susceptible to DDoS attacks, with frequency as high as one every week. According to industry analyst reports, during 2012, out of 50 publicly documented DDoS attacks, the financial services sector accounted for 26, suffering an average outage of seven hours and an average estimated loss of $17,057,214 per incident.

Internet data centers play a key role in providing real time business-critical functions such as sales, communications and technical support; at the same time they also create new security challenges, rendering traditional security mechanisms obsolete. According to the Worldwide Infrastructure Security Report 2012 released by Arbor Networks, DDoS attacks targeted at internet data centers have increased in frequency as well as severity and pose a significant risk to enterprises using such hosted services. Furthermore, with more and more companies moving their services to the cloud, the shared infrastructure model of cloud computing can result in attacks on a specific target negatively impacting many or all tenants using the same infrastructure.

Why are these attacks so difficult to detect and prevent?
There are multiple reasons that make DDoS attacks dangerous. First, the attacks are becoming more frequent and bigger in magnitude than ever before.
Second, the type of attacks and the targeted components are so varied that they are not easy to detect. Third, DDoS attacks are usually targeted at a variety of network components such as routers, appliances, firewalls, applications, ISPs or data centers in different ways. Also, the increase in DDoS attacks is partly due to a gap in mitigation controls in enterprises: industry research shows that about 20% of organizations have implemented a mitigation strategy.

While there is no easy solution to prevent such attacks, implementing a proven DDoS protection approach is one way of tackling this issue. The solution should have the capability to restrict damage and allow your system to carry on business-as-usual during an attack. To tackle this problem, organizations learned to detect and mitigate the damage caused by DDoS attacks that used a common code. However, DDoS attackers adapted quickly and began encrypting their code, again making it more difficult for enterprises to detect an attack and control the damage.

Types of DDoS Attacks:
It is useful to understand the various types of DDoS attacks possible and prepare better to tackle them.

1. TCP Connection Flood: A TCP connection flood tries to occupy all the available TCP connections on a server. It floods the server with requests for new connections, thereby preventing valid requests from being established and served.
2. ICMP Flood, Ping Flood, Smurf Attack: These attacks deluge the server with ICMP requests without waiting for a response. The objective is to overburden the server and adversely impact its ability to respond, thereby blocking legitimate requests.
3. PUSH and ACK Flood: A PUSH or ACK flood DDoS attack inundates the server with fake PUSH and ACK requests to prevent the server from responding to legitimate traffic.
4. SYN Flood: During a SYN flood attack, huge numbers of SYN requests are sent by the client. When the server returns SYN-ACK messages, the client does not respond, which leaves the server with open connections while it waits for further communication from the client. The TCP connection table tracks each of these half-open connections, so the table fills up, thereby blocking additional connection attempts, valid or otherwise.
5. Teardrop Attack: In a teardrop attack, the client sends a malformed information packet which has the ability to take advantage of the error that occurs when the packet is reassembled. This could lead to a crash in the operating system or the application that handles the packet.
6. UDP Flood: In a UDP flood attack, the server is overwhelmed with requests. The connection tables are saturated with requests on every accessible port on a server, blocking legitimate requests from being served. Also, legitimate clients may not be able to access the server.
7. DNS flood: NXDOMAIN Flood: The DNS server receives a deluge of requests for invalid or nonexistent records and wastes time looking for records that do not exist instead of serving valid requests. The cache on the DNS server is filled with bad requests and clients are unable to find the servers they need.
8. DNS flood: Query Flood: In a DNS query flood attack, a network of clients is utilized to send a flood of valid requests to a single DNS server. DNS servers are unable to differentiate this from normal traffic as the requests are valid and targeted at a single DNS server.
9. SSL Flood and SSL Renegotiation Attacks: While making a request for a secure connection from a server is a simple task for the client, the server uses significant processing power while responding to such a request. An SSL flood or renegotiation attack exploits this imbalance in workload by asking for a secure connection, and subsequently renegotiating the relationship.
10. GET Flood: In this type of attack, two different kinds of attacks can be mounted by using the same request: either by requesting static URLs at a high rate or by successively asking for every single object on the website. The objective is to overburden the server with a multitude of requests so that its resources are exhausted, leaving it incapable of serving legitimate traffic.
11. Hash Denial of Service (DoS) Attack: The main web service platforms such as Java, ASP.NET, and Apache use a common algorithm for their dictionary tables. In a Hash DoS attack, a single POST message with thousands of variables is sent so that the hashing function overloads and the server is engaged in processing a single such request for around an hour.

How to block / mitigate DDoS attacks?
There are several ways to block DDoS attacks using multiple security products.
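Choosing a way to block an attack starts with recognising it on the host. The following Python code is an added example, not part of the original paper: it applies the SYN flood description in the list above to a connection-table snapshot in the column layout of `ss -tan`, measuring how full the half-open table is per listening port and whether the sources are concentrated or dispersed. The sample snapshot is constructed, and `half_open_limit`, `warn_ratio` and `concentrated_share` are assumed tuning values.

```python
"""Triage half-open TCP connections per listening port from an `ss -tan`-style snapshot."""
from collections import Counter, defaultdict
import ipaddress


def build_sample():
    """Constructed snapshot (documentation address ranges, not captured traffic)."""
    rows = ["State    Recv-Q Send-Q Local Address:Port Peer Address:Port",
            "LISTEN   0      128    0.0.0.0:443        0.0.0.0:*"]
    fmt = "{:<8} 0      0      192.0.2.10:{:<8} {}:{}"
    for i in range(4):        # a few completed handshakes on 443
        rows.append(fmt.format("ESTAB", 443, f"198.51.100.{i + 1}", 50000 + i))
    for i in range(96):       # 443: half-open entries, every one from a different source
        rows.append(fmt.format("SYN-RECV", 443, f"203.0.113.{i + 1}", 1024 + i))
    for i in range(70):       # 25: most half-open entries come from a single source
        peer = "198.51.100.77" if i < 60 else f"198.51.100.{140 + i}"
        rows.append(fmt.format("SYN-RECV", 25, peer, 40000 + i))
    for i in range(3):        # 8080: ordinary handshakes still in flight
        rows.append(fmt.format("SYN-RECV", 8080, f"198.51.100.{i + 1}", 45000 + i))
    return "\n".join(rows)


def split_hostport(token):
    """'192.0.2.10:443' or '[2001:db8::1]:443' -> (host, port string)."""
    host, _, port = token.rpartition(":")
    return host.strip("[]"), port


def parse_snapshot(text):
    """Return (state, local_port, peer_ip) tuples; header and malformed rows are skipped."""
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":
            continue
        state, local, peer = fields[0], fields[3], fields[4]
        peer_host, _ = split_hostport(peer)
        _, local_port = split_hostport(local)
        try:
            ipaddress.ip_address(peer_host)
            conns.append((state, int(local_port), peer_host))
        except ValueError:
            continue
    return conns


def assess(conns, half_open_limit=128, warn_ratio=0.5, concentrated_share=0.5):
    """Per listening port: how full the half-open table is and how sources are spread.

    half_open_limit, warn_ratio and concentrated_share are assumed tuning values.
    """
    half_open = defaultdict(Counter)          # local port -> Counter of peer addresses
    for state, port, peer in conns:
        if state == "SYN-RECV":
            half_open[port][peer] += 1
    report = {}
    for port, peers in half_open.items():
        total = sum(peers.values())
        top_source, top_count = peers.most_common(1)[0]
        if total / half_open_limit < warn_ratio:
            verdict = "ok"
        elif top_count / total >= concentrated_share:
            verdict = "flood-concentrated"    # a per-source block or rate limit can help
        else:
            verdict = "flood-dispersed"       # sources too spread out for per-IP blocking
        report[port] = {"half_open": total, "fill": total / half_open_limit,
                        "sources": len(peers), "top_source": top_source,
                        "top_count": top_count, "verdict": verdict}
    return report


if __name__ == "__main__":
    for port, row in sorted(assess(parse_snapshot(build_sample())).items()):
        print(port, row)
```

A dispersed verdict is the case where in-house per-IP blocking does little and filtering has to happen upstream of the server.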
[Figure: DDoS Mitigation. Two panels, "Mitigation - In premises" and "Mitigation - At Edge Level", each showing the Attacker, User, ISP and the point where mitigation takes place.]

Reference 1 gives an expansion of terms used in this section.
Deploying DDoS Prevention Devices in Premises:
Security firewalls and intrusion prevention system devices which support prevention of DDoS attacks can be deployed, or the existing devices can be upgraded with the latest version of images, to help mitigate small scale DDoS attacks. These measures ensure that DDoS attack traffic does not reach destination servers/applications. However, the attack still disrupts business, as it increases consumption of internet bandwidth tremendously because mitigation occurs at in-house device levels. Also, this type of downstream response only helps protect against small attacks and is inadequate against attacks of a longer duration. Enterprises would need a solution with access to upstream traffic to prevent large scale attacks.

DDoS Prevention at Edge Level:
In this method, malicious traffic gets blocked at the service provider network level itself so that your internet bandwidth is used for original/real traffic. To ensure that legitimate traffic does not get blocked, security professionals continuously analyze customer traffic. Usually, the internet service provider can prevent DDoS attacks on your network.

DDoS Response Model for Enterprises
So, what are the components of a comprehensive internal DDoS mitigation plan? Engaging with a third party service provider to implement a hybrid solution which incorporates cloud based services and appliances will improve visibility of the network. While the cloud aspect will provide the versatility required for always-on threat monitoring and detection as well as the agility to handle a DDoS attack in real time, using appliances will help identify the compromised host in the network besides logging all the communications and transactions. Implementing a hybrid solution would enable real-time threat notification and detection, quick remediation and better damage control, and would limit post event costs.
Organizations need to put in place a strategy to counter DDoS attacks or they risk losing valuable time that could potentially delay recovery after an attack. Figure 2 shows the steps involved in an effective incident response plan:

Preparation: list the services that your ISP can provide and understand what can be done at the provider level
Identification: detect the attack, define its scope and engage with the appropriate parties
Mitigation: contain the effects of the attack on the targeted environment and initiate remedial measures
Post incident analysis: record the details of the attack, identify gaps in preparation and mitigation
Improvement: assess the efficacy of your response plan and rework your strategy based on the post event analysis report

The complex and dynamic nature of the DDoS threat landscape makes it imperative for enterprises to adopt a services based internal defence strategy to protect against such attacks. The complexity as well as the increasing number of DDoS attacks have rendered deploying anti-malware platforms and firewalls an inadequate defence.
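For the Identification step, the following added example (not part of the original paper) shows one way to separate the two GET flood patterns described earlier, one static URL requested at a high rate and a sweep through every object on the site, from ordinary clients in a web access log. The log lines are constructed Common Log Format samples, and the thresholds `max_per_window`, `repeat_ratio` and `sweep_ratio` are assumed values.

```python
"""Classify clients in a web access log against the two GET flood patterns."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')


def build_sample():
    """Constructed Common Log Format lines (documentation addresses, invented paths)."""
    base = datetime.strptime("10/Oct/2013:13:55:00 +0000", TS_FORMAT)

    def line(ip, second, method, path):
        ts = (base + timedelta(seconds=second)).strftime(TS_FORMAT)
        return f'{ip} - - [{ts}] "{method} {path} HTTP/1.1" 200 512'

    rows = []
    # One static URL, five requests per second for a minute.
    rows += [line("203.0.113.5", i // 5, "GET", "/static/logo.png") for i in range(300)]
    # A different object on every request, 200 objects in a minute.
    rows += [line("203.0.113.9", i * 60 // 200, "GET", f"/catalog/item/{i}") for i in range(200)]
    # Ordinary browsing and a few POSTs.
    rows += [line("198.51.100.20", i * 5, "GET", f"/page/{i % 6}") for i in range(12)]
    rows += [line("198.51.100.21", i, "POST", "/cart") for i in range(3)]
    rows.append("garbled line that does not match the log format")
    return rows


def busiest_windows(lines, window_seconds=60):
    """Per client, the GET count and distinct paths in its busiest fixed window."""
    buckets = defaultdict(lambda: {"count": 0, "paths": set()})
    for raw in lines:
        m = LOG_RE.match(raw)
        if not m or m.group(3) != "GET":
            continue
        ts = datetime.strptime(m.group(2), TS_FORMAT)
        key = (m.group(1), int(ts.timestamp()) // window_seconds)
        buckets[key]["count"] += 1
        # Query strings are dropped so that varying them still counts as one path.
        buckets[key]["paths"].add(m.group(4).split("?", 1)[0])
    peak = {}
    for (client, _), bucket in buckets.items():
        if client not in peak or bucket["count"] > peak[client]["count"]:
            peak[client] = {"count": bucket["count"], "distinct": len(bucket["paths"])}
    return peak


def classify(peak, max_per_window=120, repeat_ratio=0.1, sweep_ratio=0.9):
    """Thresholds are assumed values; real ones come from the site's own baseline."""
    report = {}
    for client, p in peak.items():
        ratio = p["distinct"] / p["count"]
        if p["count"] <= max_per_window:
            verdict = "normal"
        elif ratio <= repeat_ratio:
            verdict = "repeat-url-flood"      # same static URL at a high rate
        elif ratio >= sweep_ratio:
            verdict = "site-sweep-flood"      # successively requesting every object
        else:
            verdict = "high-rate-unclassified"
        report[client] = dict(p, verdict=verdict)
    return report


def rate_limit_candidates(report):
    """Clients to hand to the gateway for blocking or rate limiting."""
    return sorted(c for c, r in report.items() if r["verdict"] != "normal")


if __name__ == "__main__":
    result = classify(busiest_windows(build_sample()))
    for client in rate_limit_candidates(result):
        print(client, result[client])
```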
Figure 2: DDoS incident response plan. Stages: Preparation; Attack Identification / Analysis; Mitigation / Impact Reduction; Learnings & Action Plan; Continuous Improvement.

Activities listed in the figure, in order: Have detailed list of IPs / Device / Service; ISP's DDoS services; ISP contacts; Law / Legal; Business implications; Hardening - OS / NW / FW / Apps / DB; IT resources performance data; Vulnerability history / Trend of various business / technology risk; User awareness; Review logs / load; Perform traffic analysis; Differentiate malicious vs business traffic; Contact ISP for support; Identify root cause; Identify damage; Identify the infra component affected; Involve legal / Execute team for involving law enforcement team; Restore from backup; Stop unwanted services / processes; Disable service / feature for some time; Block the IP / rate-limit attack traffic bandwidth at GW; Increase bandwidth temporarily; Traffic routing; Implement pending security controls / fix; Implementation of planned technologies WAF / IPS / DDoS etc.; Preparation gaps; Support gaps; Attack identification / Analysis gaps; Skill gaps; Mitigation delay if any; Limitations in containing / mitigating; Relationship within and outside org; Technology / Product requirement; Risk simulation and analysis; External VA / PT; Review and take corrective action on preparation, analysis and mitigation gaps; Implement the pending actionables on risk / vulnerabilities; Hire the skills if anything is required; User awareness; New technology implementations.

Conclusion
Today, more and more companies are dependent on their websites to meet revenue goals and provide customer support. Keeping in mind the dynamic nature of DDoS attacks and their huge impact, engaging with an expert to implement a DDoS mitigation program is critical to preventing business downtime.
Reference 1
Expansions of Acronyms/Abbreviations

Acronym/Abbreviation | Expansion
TCP | Transmission Control Protocol
ICMP Flood | Internet control message protocol Flood
PUSH and ACK Flood | Push and Acknowledgement Flood
SYN Flood | Synchronize sequence number Flood
UDP Flood | User Datagram Protocol Flood
DNS Flood | Domain Name Server Flood
DNS Flood: NXDOMAIN Flood | Non Existent Domain Flood
DNS Flood: Query Flood | Query Flood
SSL Flood | Secure Sockets Layer Flood
GET Flood | Layer 7 - application layer Flood
About GIS
Global Infrastructure Services (GIS), a unit of Wipro Limited, is an end to end IT infrastructure & outsourcing services provider to global customers across 61 countries. Its suite of Technology Infrastructure services spans Data Center, End User Computing, Networks, Managed Services, Business Advisory and Global System Integration. Wipro is a pioneer in Infrastructure Management services and is amongst the fastest-growing providers across the world. GIS enables customers to do business better by enabling innovation via standardization and automation, so that businesses can be more agile & scalable, and so that they can find growth and succeed in their global business. Backed by our strong network of Integrated ServiceNXT Operation Centers and 11 owned data centres spread across US, Europe and APAC, this unit serves more than 500+ clients across with a global team of 23,800 professionals and contributes to over 30% of the IT Services revenues of Wipro Limited.

About Wipro Ltd.
Wipro Ltd. (NYSE:WIT) is a leading Information Technology, Consulting and Outsourcing company that delivers solutions to enable its clients do business better. Wipro delivers winning business outcomes through its deep industry experience and a 360° view of "Business through Technology" - helping clients create successful and adaptive businesses. A company recognized globally for its comprehensive portfolio of services, a practitioner's approach to delivering innovation and an organization wide commitment to sustainability, Wipro has a workforce of 140,000 serving clients across 61 countries. For information visit
DO BUSINESS BETTER
NYSE:WIT | OVER 140,000 EMPLOYEES | 61 COUNTRIES | CONSULTING | SYSTEM INTEGRATION | OUTSOURCING
WIPRO LIMITED, DODDAKANNELLI, SARJAPUR ROAD, BANGALORE , INDIA TEL : +91 (80) , FAX : +91 (80) , reachus@wipro.com
WIPRO LIMITED No part of this booklet may be reproduced in any form by any electronic or mechanical means (including photocopying, recording and printing) without permission in writing from the publisher, except for reading and browsing via the world wide web. Users are not permitted to mount this booklet on any network server. IND/TMPL/DEC2013
More informationComplete Protection against Evolving DDoS Threats
Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls... 3 Intrusion
More informationExecutive Suite Series A Prolexic White Paper
A Prolexic White Paper DDoS Denial of Service Protection and the Cloud Introduction Cloud computing ( the cloud ) has transformed the way that the world s businesses deploy and share applications and IT
More informationDDoS Protection Technology White Paper
DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of
More informationDenial of Service. Tom Chen SMU tchen@engr.smu.edu
Denial of Service Tom Chen SMU tchen@engr.smu.edu Outline Introduction Basics of DoS Distributed DoS (DDoS) Defenses Tracing Attacks TC/BUPT/8704 SMU Engineering p. 2 Introduction What is DoS? 4 types
More informationModern Denial of Service Protection
Modern Denial of Service Protection What is a Denial of Service Attack? A Denial of Service (DoS) attack is generally defined as a network-based attack that disables one or more resources, such as a network
More informationApplication Security Backgrounder
Essential Intrusion Prevention System (IPS) & DoS Protection Knowledge for IT Managers October 2006 North America Radware Inc. 575 Corporate Dr., Lobby 1 Mahwah, NJ 07430 Tel: (888) 234-5763 International
More informationHow To Mitigate A Ddos Attack
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT ISSUE 3 3RD QUARTER 2014 CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS 4 Mitigations by Attack Size 4 Mitigations by Industry 5
More informationWhy Is DDoS Prevention a Challenge?
ANALYST BRIEF Why Is DDoS Prevention a Challenge? PROTECTING AGAINST DISTRIBUTED DENIAL-OF-SERVICE ATTACKS Authors Andrew Braunberg, Mike Spanbauer Overview Over the past decade, the threat landscape has
More informationDistributed Denial of Service protection
Distributed Denial of Service protection The cost in terms of lost business caused by a successful DDoS attacks can be significant. Our solution recognises when a DDoS attack is happening and identifies
More informationDenial of Service (DoS) Technical Primer
Denial of Service (DoS) Technical Primer Chris McNab Principal Consultant, Matta Security Limited chris.mcnab@trustmatta.com Topics Covered What is Denial of Service? Categories and types of Denial of
More informationCS 356 Lecture 16 Denial of Service. Spring 2013
CS 356 Lecture 16 Denial of Service Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter
More informationSurvey on DDoS Attack Detection and Prevention in Cloud
Survey on DDoS Detection and Prevention in Cloud Patel Ankita Fenil Khatiwala Computer Department, Uka Tarsadia University, Bardoli, Surat, Gujrat Abstract: Cloud is becoming a dominant computing platform
More informationDistributed Denial of Service(DDoS) Attack Techniques and Prevention on Cloud Environment
Distributed Denial of Service(DDoS) Attack Techniques and Prevention on Cloud Environment Keyur Chauhan 1,Vivek Prasad 2 1 Student, Institute of Technology, Nirma University (India) 2 Assistant Professor,
More informationIntroduction to DDoS Attacks. Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter
Introduction to DDoS Attacks Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter DDoS in the News Q1 2014 DDoS Attack Trends DDoS Attack Trends Q4 2013 Mobile devices
More informationSecurityDAM On-demand, Cloud-based DDoS Mitigation
SecurityDAM On-demand, Cloud-based DDoS Mitigation Table of contents Introduction... 3 Why premise-based DDoS solutions are lacking... 3 The problem with ISP-based DDoS solutions... 4 On-demand cloud DDoS
More informationDefense for Distributed Denial of Service
Defense for Distributed Denial of Service Attacks Do It Yourself or Head for the Cloud? By John Burke Principal Research Analyst, Nemertes Research Executive Summary Distributed Denial of Service (DDoS)
More informationSecurity. 26 November 2012 Vol.18 No11
Security 26 November 2012 Vol.18 No11 DDoS attacks: The impact DDoS experts explain how to try to prevent DDoS attacks and what the impact is of an attack on an enterprise The cost of a Distributed Denial
More informationSecuring Your Business with DNS Servers That Protect Themselves
Product Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate
More informationWhat to Look for When Choosing a CDN for DDoS Protection Written by Bizety
What to Look for When Choosing a CDN for DDoS Protection Written by Bizety WHITE PAPER Introduction Every online company should be familiar with Distributed Denial of Service (DDoS) attacks and the risk
More informationUnderstanding & Preventing DDoS Attacks (Distributed Denial of Service) A Report For Small Business
& Preventing (Distributed Denial of Service) A Report For Small Business According to a study by Verizon and the FBI published in 2011, 60% of data breaches are inflicted upon small organizations! Copyright
More informationDos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS)
Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS) Signature based IDS systems use these fingerprints to verify that an attack is taking place. The problem with this method
More informationSecuring Your Business with DNS Servers That Protect Themselves
Product Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS/DHCP servers by intelligently recognizing various attack types and dropping attack traffic while responding only to
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More informationLoad Balancing Security Gateways WHITE PAPER
Load Balancing Security Gateways WHITE PAPER Table of Contents Acceleration and Optimization... 4 High Performance DDoS Protection... 4 Web Application Firewall... 5 DNS Application Firewall... 5 SSL Insight...
More informationADC Survey GLOBAL FINDINGS
ADC Survey GLOBAL FINDINGS CONTENTS Executive Summary...4 Methodology....8 Finding 1: Attacks Getting More Difficult to Defend... 10 Finding 2: Attacks Driving High Costs to Organizations.... 14 Finding
More informationTECHNICAL NOTE 06/02 RESPONSE TO DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS
TECHNICAL NOTE 06/02 RESPONSE TO DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS 2002 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor
More informationDDoS Attack Mitigation Report. Media & Entertainment Finance, Banking & Insurance. Retail
DDoS Attack Mitigation Report Media & Entertainment Finance, Banking & Insurance Retail DDoS Attack Mitigation Report Media & Entertainment Attack on Spanish-Language News Site is Abandoned When Traffic
More informationSECURITY ANALYTICS & INTELLIGENCE FOR CRITICAL INFRASTRUCTURE
www.wipro.com SECURITY ANALYTICS & INTELLIGENCE FOR CRITICAL INFRASTRUCTURE Saritha Auti Practice Head Enterprise Security Solutions, Wipro Table of Contents 03... Executive Summary 04... Demystifying
More informationJUNOS DDoS SECURE. Advanced DDoS Mitigation Technology
JUNOS DDoS SECURE Advanced DDoS Mitigation Technology Biography Nguyen Tien Duc ntduc@juniper.net, +84 903344505 Consulting Engineer- Viet Nam CISSP # 346725 CISA # 623462 2 Copyright 2013 Juniper Networks,
More informationSecuring Your Business with DNS Servers That Protect Themselves
Product Summary: The Infoblox Secure DNS Solution mitigates attacks on DNS servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate queries.
More informationDatacenter Transformation
Datacenter Transformation Consolidation Without Compromising Compliance and Security Joe Poehls Solution Architect, F5 Networks Challenges in the infrastructure I have a DR site, but the ROI on having
More informationWHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD
WHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD CONTENTS EXECUTIVE SUMMARY 3 THE LIFEBLOOD OF MANY BUSINESSES IS UNDER ATTACK 3 IT LEADERS FACE A DIFFICULT BALANCING ACT 3 Companies
More informationDDoS Basics. internet: unique numbers that identify areas and unique machines on the network.
DDoS Basics Introduction Distributed Denial of Service (DDoS) attacks are designed to prevent or degrade services provided by a computer at a given Internet Protocol 1 (IP) address. This paper will explain,
More informationREMOTE BRANCH MANAGEMENT FOR BUSINESSES
WWW.WIPRO.COM REMOTE BRANCH MANAGEMENT FOR BUSINESSES Simplified through Remote Infrastructure Management Services Varun Malhotra, National Practice Manager - Network and Security, Wipro Infotech Table
More informationTDC s perspective on DDoS threats
TDC s perspective on DDoS threats DDoS Dagen Stockholm March 2013 Lars Højberg, Technical Security Manager, TDC TDC in Sweden TDC in the Nordics 9 300 employees (2012) Turnover: 26,1 billion DKK (2012)
More informationWeb Application Defence. Architecture Paper
Web Application Defence Architecture Paper June 2014 Glossary BGP Botnet DDoS DMZ DoS HTTP HTTPS IDS IP IPS LOIC NFV NGFW SDN SQL SSL TCP TLS UTM WAF XSS Border Gateway Protocol A group of compromised
More informationDoS: Attack and Defense
DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches
More informationCSE 3482 Introduction to Computer Security. Denial of Service (DoS) Attacks
CSE 3482 Introduction to Computer Security Denial of Service (DoS) Attacks Instructor: N. Vlajic, Winter 2015 Learning Objectives Upon completion of this material, you should be able to: Explain the basic
More informationFour Considerations for Addressing the DDoS Risk for Carrier and Cloud Hosting Providers
Four Considerations for Addressing the DDoS Risk for Carrier and Cloud Hosting Providers Whitepaper SHARE THIS WHITEPAPER Table of Contents The Rising Threat of Cyber-Attack Downtime...3 Four Key Considerations
More information