Security Countermeasures and Denial of Service



"Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks impact system availability by flooding the target system with traffic or requests or by exploiting a system or software flaw" (PCcare, 2018).

What happens during a DoS attack, is that a single attacker directs an attack against a single target, sending packets directly to the target. It basically targets the network bandwidth or connectivity.


There are many common forms of DoS attacks, for example:
  1. Smurf
  2. Fraggle
  3. Ping flood
  4. Ping-of-death
  5. Syn Flood
  6. Land
  7. Teardrop
  8. DNS poisoning
  9. Banana Attack
  10. Negative Acknowledgement (NACK)
  11. Deuthentication (Deauth)
One of the most knowledgeable and used is Spam. It consists of sending unwanted e-mail messages to users.
It's considered a from of DoS because:
  • It consumes bandwidth that is used by legitimate traffic. 
  • It can fill a mailbox or hard disk and result in legitimate e-mail being rejected. 
  • Spam is often distributed by hijacking misconfigured SMTP servers.
Wonder if you might be a victim of DoS?
There are 4 main symptoms that you might be in the look out for:
  • Unavailability of a particular website
  • Inability to access any website
  • Dramatic increase in the number of spam emails received
  • Unusually slow network performance
Some countermeasures to consider for DoS and DDoS attacks:
  • Intrusion Detection Systems (IDS) and an Intrusion Protection Systems (IPS). 
  • Strong anti-virus and anti-spyware software on all systems with Internet connectivity. 
  • File and folder hashes on system files and folders to identify if they have been compromised. 
  • Reverse DNS lookup to verify the source address. 
  • External firewalls with the following filters: 
  • Ingress filters that specify any inbound frame must have a public IP address from outside of the organization's LAN. 
  • Egress filters that specify any outbound frame must have a private IP address within the organization's LAN. 
  • Address filter to prevent traffic from specific attackers (if known). 
  • Once a DoS attack begins, you can minimize its effects by implementing filters to block unwanted traffic. You can also contact your ISP to implement filtering closer to the source and reduce the bandwidth used by the attack. 
  • Hardening practices on all machines, especially publicly exposed servers and directory and resource servers. 

References:

PCcare. (2018). Eurocon. DoS Attacks and Countermeasures. Retrieved from: https://sites.google.com/a/pccare.vn/it/security-pages/dos-attacks-and-countermeasures

Rao. (2018). TATA. An Intro To Denial Of Service (DOS) Attacks & Countermeasures. Retrieved from: https://securitycommunity.tcs.com/infosecsoapbox/articles/2018/01/18/intro-denial-service-dos-attacks-countermeasures

Comentarios

Publicar un comentario

Entradas más populares de este blog

Imagen
SCM Software Configuration Management What? SCM is a software engineering discipline consisting of standard processes and techniques often used by organizations to manage the changes introduced to its software products. SCM helps to eliminate the confusion often caused by miscommunication among team members. The SCM system controls the basic components such as software objects, program code, test data, test output, design documents, and user manuals. Who? The Software Engineering Institute (SEI) advocated a standard definition for CM oriented to software, broadening the definition of the Institute of Electrical and Electronics Engineers (IEEE) and the guidelines of the International Organization for Standardization (ISO). Why? Is software engineering practices associated with software configuration management offer a number of opportunities to address requirements found International  Standard, ISO 9001. From management perspective, the principles and practices of  
Leer más
Imagen
History of software engineering It first started in the 1950's when software separated from hardware. They started to reclute programmers that where working as hardware engineers. Software engineering was encouraged by the software crisis of the (1960's, 1970's and 1980's) which was a term used to describe the hard time programmers has when writing useful and efficient computer programs in time. the 1990's gave rise to the Internet and to a fast growth in the demand for e-mail systems on the World Wide Web. There also was a growth on browser usage that ran on HTML, changing the way information displayed/ retrieval was organized. 2000's rapid growth in the demand for inexpensive software solutions led to the expansion of faster and lighter methodologies that developed running software, such as Extreme Programming. Software engineering today is currently rated as the best job in America by Money Magazine . Source & links: https://www.cs.color
Leer más
Imagen
Open Source Software "Open source software is software with source code that anyone can inspect, modify, and enhance" (Open source, 2016). So what exactly is source code, which is the key word to understand this definition. Source code is the part of software that computer users don't see, but it's the piece of code that programmers can control how a program works. To sum it up: OSS (open source software) alludes to software that is manipulated and distributed through communal collaboration, to make sure that in the future it'll still be an open collaboration. Why should OSS matter to users and not only programmers?, because OSS  licenses give users freedoms they would not otherwise have. Benefits : A self-evident advantage of OSS is it can be had for free. OSS is also more flexible, in the way that you can modify the program to fit your user needs and expectations. For example changing the interface of an operating system to fit your convention whe
Leer más