Impact of DDoS Attacks

Not only are DDoS attacks a pain for the target system and its network, they can also seriously hinder the function of hosts/networks used to stage the attack, and waste the time of the admins of all the involved networks. Can you imagine, as the administrator of your company’s network, getting a call from a far-off network administrator complaining that they’re getting one of these attacks from your direction? Presuming that you verify that the packets really are being sent out from your network (rather than being forged, and merely claiming they’re from your network), you then have to do two things:

  • Get rid of the problem packets, generally by yanking the source machine off the network

  • Find out exactly how much of your network has been compromised, and take appropriate corrective action

Given that the (probable) script-kiddie has actually gotten ON to your network, as opposed to poking at it from the outside (as with the target of the DDoS), you’ve got work to do, and probably something to explain to management. In this way, being an unwilling assistant to a DDoS attack tends to have consequences that are more annoying, for a longer time, than being the target of one. Author Helen says, “Trust me, I’ve been there on both sides. Despite my best efforts, someone got in via a zero-day Linux exploit and my domain became an unwilling participant in someone’s attempt at revenge on a fellow IRC user they decided they just didn’t like. Unless you’re Amazon.com or a site which loses tens of thousands of dollars for every minute of network downtime, it may be worse to be unwittingly on the sending side of a DDoS attack, than to be the target.” There might even be legal liability for maintaining a system security configuration that allows someone to get into your network and stage a denial-of-service attack against a target -- and the target may indeed come knocking on your door if it experiences significant losses.

Of course, this assumes that you can actually identify the source of the DDoS. All bets are off if you are the victim of a DDoS attack staged with software that forges the ‘source’ IP address in the attacking packets. In that case, you, the target, are likely to have a very bad day (until ISPs start communicating and narrowing down where the attack is coming from, by looking at traffic through their networks).
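The verification step described above (are the packets really leaving your network, or do they merely claim to?) can be checked against your own border egress records. The following is an added example, not part of the original guide; the log format, function name, packet threshold and addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Constructed border-router egress records: "epoch_seconds src_ip dst_ip packets"
SAMPLE_EGRESS_LOG = """\
1100000000 192.0.2.10 198.51.100.7 48000
1100000005 192.0.2.10 198.51.100.7 51000
1100000007 192.0.2.44 203.0.113.9 12
1100000009 10.9.8.7 198.51.100.7 30000
1100000012 192.0.2.23 198.51.100.7 3
"""

def triage_complaint(log_text, local_prefixes, victim_ip, start, end, min_packets=1000):
    """Check a remote admin's complaint against our own egress records.

    Returns (verdict, suspects, spoofed_sources):
      verdict          'confirmed' if heavy traffic to the victim really left our border,
                       'not_seen' if it did not (the reported packets were probably
                       forged elsewhere and only claim to be ours)
      suspects         local hosts to pull off the network, with packet totals
      spoofed_sources  non-local source addresses that left our border toward the
                       victim (a host inside is forging; egress filtering stops this)
    """
    nets = [ipaddress.ip_network(p) for p in local_prefixes]
    victim = ipaddress.ip_address(victim_ip)
    local, spoofed = Counter(), Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed records
        ts, pkts = int(fields[0]), int(fields[3])
        src = ipaddress.ip_address(fields[1])
        dst = ipaddress.ip_address(fields[2])
        if dst != victim or not (start <= ts <= end):
            continue  # not part of the reported incident
        if any(src in net for net in nets):
            local[str(src)] += pkts
        else:
            spoofed[str(src)] += pkts
    suspects = {host: n for host, n in local.items() if n >= min_packets}
    verdict = "confirmed" if suspects or spoofed else "not_seen"
    return verdict, suspects, dict(spoofed)

if __name__ == "__main__":
    print(triage_complaint(SAMPLE_EGRESS_LOG, ["192.0.2.0/24"],
                           "198.51.100.7", 1100000000, 1100000060))
```

A `confirmed` verdict leads into the two steps listed earlier: the hosts in `suspects` are the machines to isolate and examine first.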

Figure 7: First, a Black Hat installs a backdoor on machines with fast connections (DSL/Cable), creating many ‘Zombie’ machines. At a synchronized time, all the zombies direct requests to a single site.

 



CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.