Topic: Denial of Service (DoS),
Distributed Denial of Service (DDoS)
ASSIGNMENT
What is denial of service
What is distributed denial of service
Types of DDoS
Symptoms of a DoS attack
Botnets
DDoS attack tools
DDoS using Hulk
DoS/DDoS countermeasures
DENIAL OF SERVICE (DOS)
Let's start
What is Denial of Service (DoS):
DoS is an attack on a computer or network that prevents legitimate use of its resources.
In computing, a denial of service attack is an attempt to make a machine or computer resources unavailable to its intended users.
It generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the internet.
DISTRIBUTED DENIAL OF SERVICE (DDOS)
A distributed denial-of-service attack involves a multitude of compromised systems attacking a single target, thereby causing denial of service for users of the targeted systems.
To launch a DDoS attack, an attacker uses botnets and attacks a single system.
HOW DISTRIBUTED DENIAL OF SERVICE
ATTACKS WORK
In a DDoS attack, the target browser or network is pounded by many applications with fake exterior requests that make the system, network, browser, or site slow, useless, and disabled or unavailable.
The attacker initiates the attack by sending a command to zombie agents, which send connection requests to a genuine computer system.
TYPES OF DDOS ATTACKS
DDoS attacks can be categorized into three types:
• Bandwidth attacks
• SYN flood attacks
• Program and application attacks
Bandwidth attacks:
A bandwidth attack floods a network with a large volume of malicious packets in order to overwhelm the network bandwidth.
The aim of a bandwidth attack is to consume the network bandwidth of a targeted network to such an extent that it starts dropping packets.
Typically a large number of machines is required to generate the volume of traffic required to flood a network. The attack is carried out by multiple machines that are combined together to generate overloaded traffic.
ICMP FLOOD:
Attackers use botnets to carry out DDoS attacks by flooding the target with ICMP ECHO packets.
Internet Control Message Protocol (ICMP) is a connectionless protocol used for IP operations, diagnostics, and errors. An ICMP flood, the sending of an abnormally large number of ICMP packets of any type (especially network latency testing "ping" packets), can overwhelm a target server that attempts to process every incoming ICMP request.
SYN flood attacks:
A SYN attack is a simple form of DoS attack. In this attack, an attacker sends a series of SYN requests to a target machine (victim).
When a client wants to begin a TCP connection to the server, the client and the server exchange a series of messages. In a SYN flood, the exchange goes as follows:
• The attacker sends fake TCP SYN requests to the target server (victim)
• The target machine sends back a SYN-ACK in response to the request and waits for the ACK to complete the session setup
• The target machine never gets the response because the source's address is fake
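The half-open handshakes described above can be recognised from the server side. The following is an added example, not part of the original slides: it counts SYNs that are never completed by the client's ACK in constructed packet records. The function names, record layout, thresholds and addresses are assumptions.

```python
from collections import defaultdict

def half_open(packets, timeout=3.0):
    """Map (server, port) -> timestamps of SYNs never answered by the client's final ACK."""
    pending = {}  # (client, client_port, server, server_port) -> time the SYN arrived
    for ts, src, sport, dst, dport, flags in sorted(packets):
        key = (src, sport, dst, dport)
        if flags == "S":
            pending[key] = ts
        elif flags == "A" and key in pending and ts - pending[key] <= timeout:
            del pending[key]  # handshake completed in time
    stuck = defaultdict(list)
    for (_, _, server, port), ts in pending.items():
        stuck[(server, port)].append(ts)
    return stuck

def detect_syn_flood(packets, window=1.0, threshold=20, timeout=3.0):
    """Return {(server, port): peak} where the peak count of half-open SYNs
    inside any `window` seconds reaches `threshold`."""
    alerts = {}
    for target, times in half_open(packets, timeout).items():
        times.sort()
        peak, start = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            alerts[target] = peak
    return alerts

# Constructed sample: inbound packets seen at server 192.0.2.10 (documentation addresses).
# Three ordinary clients complete the handshake (SYN, then ACK 50 ms later).
LEGIT = []
for i in range(3):
    LEGIT += [(i * 0.5, "203.0.113.7", 50000 + i, "192.0.2.10", 80, "S"),
              (i * 0.5 + 0.05, "203.0.113.7", 50000 + i, "192.0.2.10", 80, "A")]
# 40 SYNs in 0.4 s from varying fake sources, none followed by an ACK.
FLOOD = [(2.0 + i * 0.01, f"198.51.100.{i + 1}", 40000 + i, "192.0.2.10", 80, "S")
         for i in range(40)]

if __name__ == "__main__":
    print(detect_syn_flood(LEGIT + FLOOD))
```

Because the source addresses are fake, the useful signal is the pile-up of unfinished handshakes on the target, not the list of sources.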
Program and application attacks:
Program and application attacks are carried out by causing a critical error on a machine to halt the machine's capability of operating.
These types of attack (listed here) can occur when an attacker exploits a vulnerable program, sends a large amount of data or sends weird malformed packets.
PING OF DEATH:
Ping of death is a denial of service (DoS) attack caused by an attacker
deliberately sending an IP packet larger than the 65,536 bytes allowed
by the IP protocol.
cmd : ping Target site -t -l 65500
SYMPTOMS OF A DOS ATTACK
Based on the target machine, the symptoms of a DoS attack may vary.
There are four types of DoS attacks:
• Unavailability of a particular website
• Inability to access any website
• Dramatic increase in the amount of spam emails received
• Unusually slow network performance
BOTNET
Botnet:
The term botnet is derived from the words robot network; a botnet is also called a zombie army. A botnet is a huge network of compromised systems. It can compromise huge numbers of machines without the intervention of the machine owners. Botnets consist of a set of compromised systems that are monitored for a specific command infrastructure.
Purpose of Botnets:
• Allows the intruder to operate remotely
• Scans the environment automatically, and spreads through vulnerable areas, gaining access via weak passwords and other means
• Allows compromising a host's machine through a variety of tools
• Creates DoS attacks
• Enables spam attacks that cause SMTP mail relays
• Enables click fraud and other illegal activities
DDOS ATTACK TOOLS
• Nemesy
• HTTP Unbearable Load King
• Lizard Stresser
• High Orbit Ion Cannon
• Low Orbit Ion Cannon
• Land and LaTierra
• Blast
• Panther
• Botnets
DDOS ATTACK USING HULK (HTTP UNBEARABLE LOAD KING)
Requirements:
1) Python
2) Hulk.py
3) Windows / Kali Linux
1) Download & install Python
(https://www.python.org/downloads/)
2) Download Hulk
(http://packetstormsecurity.com/files/112856/HULK-Http-Unbearable-Load-King.html)
Let's start the attack using Hulk
Open the command prompt (using Windows key + R)
Type cmd and click OK
Place the hulk file on the desktop
then type: cd desktop
Locate destination: cd hulk
Now the directory changes to hulk & enter: hulk.py
Now enter hulk.py target url:http://www.srisai.co.in
When the attack has started, check the website
which you have targeted:
DOS/DDOS COUNTERMEASURES
• Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)
• Strong anti-virus and anti-spyware software on all systems with Internet connectivity
• File and folder hashes on system files and folders to identify if they have been compromised
• Reverse DNS lookup to verify the source address
• Once a DoS attack begins, you can minimize its effects by implementing filters to block unwanted traffic. You can also contact your ISP to implement filtering closer to the source and reduce the bandwidth used by the attack.
• Hardening practices on all machines, especially publicly exposed servers and directory and resource servers
• The strength of an organization's network security can be increased by putting the proper countermeasures in the right places
• To detect or prevent a potential DDoS attack that is being launched, ingress filtering, egress filtering and TCP intercept can be used
• Disable unused and insecure services
• Update the kernel to the latest release
• The DDoS attack can be stopped by detecting and neutralizing the handlers, which are intermediaries used to initiate attacks
• Mitigate or stop attacks (using load balancing, throttling)
• Analyze router, firewall and IDS logs to identify the source of the DoS traffic
• DDoS attack traffic patterns can help network administrators develop new filtering techniques for preventing the traffic from entering or leaving their networks
• Deflect attacks (using honeypots)
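The throttling countermeasure listed above can be implemented as a per-source token bucket. The following is an added example, not part of the original slides: it replays constructed request timestamps through the throttle. The class and function names, the rate and burst values and the addresses are assumptions.

```python
class Throttle:
    """Per-source token bucket: `rate` requests/second sustained, bursts up to `burst`."""
    COST = 1000  # one request in milli-tokens; integers keep the arithmetic exact

    def __init__(self, rate=5, burst=10):
        self.rate = rate               # requests/second == milli-tokens per millisecond
        self.cap = burst * self.COST
        self.buckets = {}              # source -> (milli-tokens, last seen in ms)

    def allow(self, source, now_ms):
        tokens, last = self.buckets.get(source, (self.cap, now_ms))
        tokens = min(self.cap, tokens + (now_ms - last) * self.rate)  # refill
        ok = tokens >= self.COST
        self.buckets[source] = (tokens - self.COST if ok else tokens, now_ms)
        return ok

def replay(requests, rate=5, burst=10):
    """Replay (time_ms, source) pairs; return {source: [served, dropped]}."""
    throttle, stats = Throttle(rate, burst), {}
    for now_ms, source in sorted(requests):
        counts = stats.setdefault(source, [0, 0])
        counts[0 if throttle.allow(source, now_ms) else 1] += 1
    return stats

# Constructed traffic (documentation addresses): one ordinary client at 2 requests/s
# for 5 s, and one source sending 200 requests/s for 2 s.
NORMAL = [(t, "203.0.113.7") for t in range(0, 5000, 500)]
FLOOD = [(t, "198.51.100.9") for t in range(0, 2000, 5)]

if __name__ == "__main__":
    for source, (served, dropped) in replay(NORMAL + FLOOD).items():
        print(f"{source}: served={served} dropped={dropped}")
```

A per-source limit contains a single noisy client; traffic spread across many sources still needs the upstream filtering described in the countermeasures above.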
Thanks
PREPARED BY
KALYANKUMAR.D
