Documente Academic
Documente Profesional
Documente Cultură
Pawe Suwala
Natalia Wieczorek
Email: {pawsu509, natwi936}@student.liu.se
Supervisor: Viiveke Fk, {viiveke@isy.liu.se}
Project Report for Information Security Course
Linkpings universitetet, Sweden
Abstract
The following paper concentrates on the means of
defense against denial of service attacks. First,
some possible and common denial of service
attacks are described to give the reader a basic
understanding of what is this type of the attacks.
The main part of the project is the mechanism, tools
and methods used to prevent the denial of service
attacks. At the end a short case study along with the
description of the small company network is given.
When conducting the experiment we noticed that a
successful attack on the networked system is
relatively easy as the needed tools are free to
download but at the same time the simple means of
defense can be applied to make most of the attacks
impossible.
Key words: denial of service, distributed denial of
service, worm, firewall, network protocols.
Introduction
Background
3.1
Attacks Classification
3.3
3.2
Smurf Attack
3.3.3
SYN Flood
LAND attack
3.3.6
Fork bomb
3.3.9
3.3.10
WinNuke attack
4.1
3.3.7
Teardrop attack
Survival
Peer-to-peer attack
4.2
Firewalls
4.3
4.4
4.5
Infrastructure
and
configuration [7]
network
Routers
4.6
Audits
4.7
People awareness
DoS
6.1
Target
6.2
6.3.2
Attack Description
ICMP FLOOD
int main()
{
while(1) fork();
return 0;
}
FORK BOMB
6.3
6.4
6.4.1
Defense
ICMP FLOOD[2]
Attack
FORK BOMB
ICMP FLOOD[1]
6.4.2
FORK BOMB
6.5
Results
Conclusion
References
[1] Internet Denial of Service: Attack and Defense
Mechanisms, Jelena Mirkovic, Sven Dietrich,
David Dittrich and Peter Reiher. Prentice Hall PTR
[2] The Tao of Network Security Monitoring, by
Richard Bejtlich, Addison-Wesley, July, 2004
[3] Denial of Service Tools
http://packetstormsecurity.org/distributed/
[4] Distributed-Systems Intruder Tools Workshop
http://www.cert.org/reports/dsit_workshop.pdf
[5] Hack Attacks Denied, 2002, John Chirillo
[6] http://en.wikipedia.org/wiki/Denial-ofservice_attack#Incidents
[7] The CEH prep guide : the comprehensive guide
to certified ethical hacking, 2008, Ronald L. Krutz,
Russell Dean Vines
[8] Denial of service attacks
http://en.wikipedia.org/wiki/Denial_of_service_atta
ck
[9] A large scale attack
http://news.zdnet.com/2100-1009_22-145225.html