Ahmad Muammar W. K.http://google.com/search?q=y3dips

http://google.com/search?q=y3dips

DOSTypesSimulationInternet WormDDOSDiscussion

Details

http://google.com/search?q=y3dips

A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users

DOS

http://google.com/search?q=y3dips

MotivesMoneyRevengePrestigeGaining AccessPolitic

http://google.com/search?q=y3dips

DOS HistoryClassical DOS Internet WormsDdos

Ahmad Muammar W. K.http://google.com/search?q=y3dips

http://google.com/search?q=y3dips

Classical DOSApplication BugConsumption of computational resourcesDisabling web trafficMail bombing

Ahmad Muammar W. K.http://google.com/search?q=y3dips

http://google.com/search?q=y3dips

TCP syn floodICMP/UDP/ECHO (ping) to broadcast addresses ( SMURF)Out of Band (oob) Attack (winnuke:139) ARP poisoningPing of Death (win95)Port flooding Mail bombing

Some Examples/Types

Ahmad Muammar W. K.http://google.com/search?q=y3dips

http://google.com/search?q=y3dips

Mass Spamming?A Real Life ExampleUsing SMTPEasy Proof Of concept

Reply to : victim@dudul.com

Sender : anonymous@fvck.com

To : xxx@multiple server

Received : victim@dudul.com

Mail Server A

Mail Server B

Mail Server C

http://google.com/search?q=y3dips

<?

$recipient = “xxx@multiple mailserver";

$subject = “fake";

$mailheaders = "From: victim@dudul.com \n";

$mailheaders .= "Reply-To: victim@dudul.com\n";

$msg= "\nIts a spam\n";

mail($recipient, $subject, $msg, $mailheaders) or die (“tidak terkirim!");

?>

Ahmad Muammar W. K.http://google.com/search?q=y3dips

http://google.com/search?q=y3dips

ApplicationServicesSystem

CPUMemoryRamNetworking

DDOS against

http://google.com/search?q=y3dips

DDos Against IEInternet Explorer is Microsoft Windows Web browserSome Version has hole in XML scriptError in Application

<!-- Discovered byInge Henriksen (inge.henriksen@booleansoft.com) http://ingehenriksen.blogspot.com/--><table>

<tr><td><IMG align=left>X X X<?xml:namespace prefix=v>

<v:X style="HEIGHT:1"></td></tr>

</table>

http://google.com/search?q=y3dips

Apache is a free web server Some Version vulnerable to this kind of DosServer temporary down

DDos Against Apache

http://google.com/search?q=y3dips

Limited ResourcesMultiple ProcessSome Infinite loop wouls suck more resources

DDos Against cpu, memory, ram

http://google.com/search?q=y3dips

Flooding the networkCut all trafficFill the bandwidth

DDos Against Network

Ahmad Muammar W. K.http://google.com/search?q=y3dips

http://google.com/search?q=y3dips

WormA computer program which replicates itself and is self-propagating. Worms, as opposed to viruses, are meant to spawn in network environments.

http://google.com/search?q=y3dips

WormActive propagated itself Combine With sytem/application hole Ddos Agent/zombie

web traffic flooding

Mass war machine

Resources Take Over

Ahmad Muammar W. K.http://google.com/search?q=y3dips

http://google.com/search?q=y3dips

Distributed AttackMultiple ImpactZombie/Agent

D dos

http://google.com/search?q=y3dips

Any types of Dos ttack

Single user Target

Attacker

zombie

zombie

zombie

zombiezombie

zombie

Target

Ahmad Muammar W. K.http://google.com/search?q=y3dips

http://google.com/search?q=y3dips

Survive (mitigate Ddos)Network ConfigurationChange IP AddressStrong peripheral

Filtering Technique (signatures of the traffic)Some Mirror/Backup

Ahmad Muammar W. K.http://google.com/search?q=y3dips