a guide about ddos attacks understanding and anticipating
play

A Guide About DDoS Attacks Understanding and anticipating DDoS - PowerPoint PPT Presentation

Apr 17, 2023 •22 likes •142 views

A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon guillaume.valadon@ssi.gouv.fr RIPE 70 - May, 11 2015 ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 1/12 ANSSI Created on July 7th 2009,

  1. A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon guillaume.valadon@ssi.gouv.fr RIPE 70 - May, 11 2015 ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 1/12

  2. ANSSI Created on July 7th 2009, the ANSSI is the national cyberde- fence agency Main missions: One of its priorities is the Internet resilience. http://www.ssi.gouv.fr/en/ ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 2/12 • Prevention • Defence of information systems

  3. A guide about DDoS attacks ?

  4. Why ? Goal Give an overview of the existing DDoS protection solutions: Target Mainly for customers of network operators ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 4/12 • Describe each solution • Give its scope, and its possible limitations

  5. Who ? Written in cooperation with French network operators Companies and network operators involved ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 5/12 • Acorus Networks • Jaguar-Network • Bouygues Telecom • Orange France • Cyber Test Systems • SFR • France-IX • Zayo France • Free / Online

  6. Where ? Only in French so far Links https://transfer.sh/11Sij4/guide-ddos.light.pdf ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 6/12 • Offjcial guide, http://www.ssi.gouv.fr/guide-ddos • Light PDF, • Google Translate, https://goo.gl/UL8M1d

  7. What is inside ? 1. DDoS attacks 2. How to defend against DDoS attacks ? 3. How to react in case of attack ? 4. How to avoid participating in a DDoS attack ? ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 7/12 • What is a DDoS attack ? Who can be targeted ? • Filtering (at the edge of the network, in the cloud) • Dedicated protection services • Attack detection and reaction • Incident notifjcation • Reduce the attack surface, traffjc fjltering

  8. How to defend against DDoS attacks ? Describe each solution, give its scope and limitations Edge fjltering itations as observed by network operators Filtering capabilities of network operators Dedicated protection services ing via BGP) ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 8/12 • Limitations of fjrewalls / load balancers • Benefjts of dedicated DDoS fjltering equipments, and their lim- • Describe existing traffjc redirection methods (DNS based, rerout-

  9. How to react to an attack ? During the attack application level attack, protocols used …) of the attack ? Is it coming from a single provider / transit operator ?) After the attack Who to contact in order to declare the incident and to fjle a complaint ? ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 9/12 • Identify the target and the nature of the attack (volumetric or • Find the sources of the attack (is it possible to list the sources

  10. How to avoid participating in a DDoS attack ? Recalls the best practices ! Disable unused services SNMP) Keep frameworks and CMS up to date. Follow development best practices Filter outbound traffjc to prevent IP address spoofjng ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 10/12 Harden the confjguration of exposed services (examples : NTP,

  11. Conclusion Shall it be translated to English ? How did it work ? Please send comments to: guide.ddos_at_ssi.gouv.fr ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 11/12 • Good feedbacks from French NOG • Some parts were discussed then fjxed

  12. Questions? English version at https://goo.gl/UL8M1d ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 12/12

Recommend

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks DDoS Prevention Improving Performance Questions Glossary DDoS - Attempt to make a server or network resource unavailable to Internet

549 views • 30 slides
CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks

CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks

CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks https://www.reveelium.com/en/ddos-attacks-the-cyber-boogeyman-part-i/ DDoS Attacks 1,700 Gbps!! 2015 :-/

748 views • 20 slides
SENSS Against Volumetric DDoS Attacks Sivaram Ramanathan 1 , Jelena Mirkovic 1 , Minlan Yu 2 and

SENSS Against Volumetric DDoS Attacks Sivaram Ramanathan 1 , Jelena Mirkovic 1 , Minlan Yu 2 and

SENSS Against Volumetric DDoS Attacks Sivaram Ramanathan 1 , Jelena Mirkovic 1 , Minlan Yu 2 and Ying Zhang 3 1 University of Southern California/Information Sciences Institute 2 Harvard University 3 Facebook 1 DDoS attacks Volumetric DDoS

604 views • 56 slides
Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent the access to a computer system to it's legitimate users. DDoS: DoS attack on the network using a lot of different source IP Why:

327 views • 16 slides
Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Introduction: Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation Attacker signals slaves to launch an attack on a specific target address (victim). Slaves then respond by Comp290: Network

276 views • 9 slides
A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter Reiher Manu Shantharam & David Hadka What is DoS? DoS A type of attack wherein access to computer resource / service is denied or

380 views • 18 slides
Exit from Hell? Reducing the Impact of Amplifjcation DDoS Attacks Marc Khrer, Thomas

Exit from Hell? Reducing the Impact of Amplifjcation DDoS Attacks Marc Khrer, Thomas

Exit from Hell? Reducing the Impact of Amplifjcation DDoS Attacks Marc Khrer, Thomas Hupperich, Christian Rossow, and Thorsten Holz Presented By : Richie Noble Distributed Denial-of-Service (DDoS) Attacks Known problem for many

660 views • 35 slides
Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced Persistent Threats (APT) Cybercriminals, Exploits and Malware Denial of Service attacks (DDoS) Domain name hijacking Corporate

347 views • 13 slides
Mark Shtern DDoS Attacks http://en.wikipedia.org/wiki/Operation_Pa yback

Mark Shtern DDoS Attacks http://en.wikipedia.org/wiki/Operation_Pa yback

Mark Shtern DDoS Attacks http://en.wikipedia.org/wiki/Operation_Pa yback http://www.betterhostreview.com/wp-content/uploads/2013/08/ddos-attack.gif 2 DDoS Attacks http://blog.rivalhost.com/wp- http://en.wikipedia.org/wiki/Low

800 views • 36 slides
COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure

COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure

COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure Application Services CONFIDENTIAL | DO NOT DISTRIBUTE Company 1. CONFIDENTIAL | DO NOT DISTRIBUTE Attack Tools over Time - Evolved Binary

385 views • 12 slides
Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches Menghao Zhang 1 , Guanyu

Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches Menghao Zhang 1 , Guanyu

Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches Menghao Zhang 1 , Guanyu Li 1 , Shicheng Wang 1 , Chang Liu 1 , Ang Chen 2 , Hongxin Hu 3 , Guofei Gu 4 , Qi Li 1 , Mingwei Xu 1 , Jianping Wu 1 1 4 2 3 DDoS Attacks are

480 views • 23 slides
Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim

Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim

Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim fons.mijnen@os3.nl max.grim@os3.nl 2 DDoS attacks DDoS attacks are a problem internet users have faced for many years, and is still relevant today. 3 DDoS

531 views • 52 slides
Against DDoS Attacks Wilson Rogrio Lopes LACNIC 28 / LACNOG 2017 09/2017 CDNs for DDoS

Against DDoS Attacks Wilson Rogrio Lopes LACNIC 28 / LACNOG 2017 09/2017 CDNs for DDoS

Best Practices for Using CDNs Against DDoS Attacks Wilson Rogrio Lopes LACNIC 28 / LACNOG 2017 09/2017 CDNs for DDoS Protection As your principle, CDNs distribute traffic around the world to the closest pop for client, using anycast

915 views • 11 slides
A LERTING Daniel Romo Niels van Dijkhuizen BACKGROUND DDoS attacks are commonly seen in

A LERTING Daniel Romo Niels van Dijkhuizen BACKGROUND DDoS attacks are commonly seen in

DD O S D ETECTION AND A LERTING Daniel Romo Niels van Dijkhuizen BACKGROUND DDoS attacks are commonly seen in the SURFnet network Mostly flooding attacks Customers are heavily affected and complain These attacks are cheap and

767 views • 17 slides
.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A Summary of a 3 weeks long experience 2016-03-07 Dec 2015 DDoS Attack on .TR 2 Before DDoS q Infrequent Small scale DoS and DDos Attacks Few

606 views • 14 slides
Outline Distributed Denial of Service Introduction Attacks Characteristics of DDoS

Outline Distributed Denial of Service Introduction Attacks Characteristics of DDoS

Outline Distributed Denial of Service Introduction Attacks Characteristics of DDoS attacks CS 239 Some examples Security for Networks and Proposed prevention methods System Software May 15, 2002 Lecture 12 Lecture 12

421 views • 9 slides
DDoS attacks on electronic payment systems Sean Rijs and Joris Claassen Supervisor: Stefan

DDoS attacks on electronic payment systems Sean Rijs and Joris Claassen Supervisor: Stefan

DDoS attacks on electronic payment systems Sean Rijs and Joris Claassen Supervisor: Stefan Duse Scope High volume DDoS attacks Electronic payment systems Low bandwidth requirements: 5 from account X to account Y 2 Research

321 views • 28 slides
OpenFlow DDoS Mitigation C. Dillon, M. Berkelaar February 9, 2014 University of Amsterdam

OpenFlow DDoS Mitigation C. Dillon, M. Berkelaar February 9, 2014 University of Amsterdam

OpenFlow DDoS Mitigation C. Dillon, M. Berkelaar February 9, 2014 University of Amsterdam Quanza Engineering C. Dillon, M. Berkelaar OpenFlow DDoS Mitigation Introduction Distributed Denial of Service attacks Types of attacks Application

360 views • 18 slides
DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service

DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service

DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service attacks are a fact of life on the Internet Service disruption Sometimes employed as a smoke screen What this talk is and

799 views • 23 slides
Should the IETF do anything about DDoS attacks? Mark Handley The Problem The Internet

Should the IETF do anything about DDoS attacks? Mark Handley The Problem The Internet

Should the IETF do anything about DDoS attacks? Mark Handley The Problem The Internet architecture was designed to delivery packets to the destination efficiently. Even if the destination does not want them. Congestion control and

391 views • 28 slides
DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek

DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek

DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek Supervisor: Stavros Konstantaras (AMS-IX) SNE: Research Project II 03-07-2018 Introduction D istributed D enial o f S ervice DDoS attacks on banks in

720 views • 33 slides
Cashing out the Great Cannon? On Browser-based DDoS Attacks and Economics G. Pellegrino (1) , C.

Cashing out the Great Cannon? On Browser-based DDoS Attacks and Economics G. Pellegrino (1) , C.

Cashing out the Great Cannon? On Browser-based DDoS Attacks and Economics G. Pellegrino (1) , C. Rossow (1) , F. J. Ryba (2) , T. C. Schmidt (3) , M. Whlisch (2) (1) CISPA / MMCI, Saarland University (2) Freie Universitt Berlin (3) HAW Hamburg

520 views • 36 slides
2400 Baud of Technical Excitement Pretty Sure this begins to date me... DDoS Attacks on the

2400 Baud of Technical Excitement Pretty Sure this begins to date me... DDoS Attacks on the

Security Trends & Tactics AND Strategies of UETN The Quilt Winter Member Meeting 2018 Presented by Troy Jessup, UETN 2400 Baud of Technical Excitement Pretty Sure this begins to date me... DDoS Attacks on the Decline? Mitigation at

742 views • 26 slides
Mirai Botnet: How IoT Botnets Performed Massive DDoS Attacks and Negatively Impacted Hundreds of

Mirai Botnet: How IoT Botnets Performed Massive DDoS Attacks and Negatively Impacted Hundreds of

Mirai Botnet: How IoT Botnets Performed Massive DDoS Attacks and Negatively Impacted Hundreds of Thousands of Internet Businesses and Millions of Users in October 2016 William Favre Slater, III, M.S. MBA, PMP, CISSP, CISA Sr. Cybersecurity

1.36k views • 53 slides

More recommend