Mobile LOIC Counter Measures
- Claud Warner
- 5 years ago
Technical Security Note
Mobile LOIC Counter Measures

North America: Radware Inc., 575 Corporate Dr., Lobby 1, Mahwah, NJ. Tel: (888)
International: Radware Ltd., 22 Raoul Wallenberg St., Tel Aviv 69710, Israel. Tel:
Table of Contents

- Abstract
- Mobile LOIC
- Operation
- Technical Details
- HTTP Request Format
- HTTP implementation
- Distinct Characteristics
- Investigation and Analysis of the Mobile LOIC Tool
- Code Analysis
- Experiment
- Results
- Drop Action
- Reset Action
- Drop and Suspend Action
- Conclusion

Abstract

LOIC (Low Orbit Ion Cannon) is an open-source denial-of-service (DoS) attack tool. The tool has been used in various attacks by the Anonymous group in Project Chanology, Operation Payback, OpSony and others.

Existing network-security technologies and tools focus on identifying attack-traffic patterns and preventing the attack traffic from arriving at its designated destination. This is a defensive approach. Radware SOC has developed a methodology to defeat the attacks at their origin, rather than at their destination. This offensive technique is referred to as a counterattack or a countermeasure. By crippling the attack sources, the impact on the designated victim is reduced, and in some cases the attack may be rendered ineffective. The attacker may then choose to change the target of the attack.

This document presents research that Radware SOC has conducted in order to identify the weaknesses and vulnerabilities of the LOIC tool and, with this information, counter the attacks that the Mobile LOIC tool generates.

Mobile LOIC

Mobile LOIC is a JavaScript-based HTTP DoS tool which is delivered within an HTML page. The HTML page may be hosted on a website and accessed remotely with a web browser. Since only a web browser is required, an attacker may use a smartphone to generate an attack (hence the name "Mobile LOIC"). Normally, attack organizers post a URL for the website hosting the page and invite users to use the tool and attack the specified target. The source HTML is located at:
Operation

Mobile LOIC is very simple to operate, as shown in Figure 1. There are three configurable parameters:

- Target URL: Specifies the URL of the attacked target. Must start with
- Requests per second: Specifies the number of desired requests to be sent per second.
- Append message: Specifies the content for the msg parameter to be sent within the URL of HTTP requests.

Figure 1: Mobile LOIC GUI

Technical Details

HTTP Request Format

Mobile LOIC sends multiple HTTP GET requests to the specified URL. Requests contain two parameters:

- id: The value of this parameter is a number which is generated on-the-fly using the JavaScript Date() function.
- msg: The value of this parameter is the text entered in the Append Message field.
The HTTP headers in the requests are determined by the browser's configuration.

HTTP implementation

Other attack tools, which implement the HTTP layer themselves, react to certain HTTP-level challenges differently from a legitimate browser. Mobile LOIC uses the HTTP implementation of the browser it is accessed from. This simple approach makes it very hard to distinguish the tool from legitimate users using a browser, because it is actually the browser which is reacting. The following table shows the tool's reaction to certain HTTP challenges when used by popular browsers:

| Browser | HTTP implementation | 302 Redirect | 302 Redirect + Cookie | 200 Ok + JS Cookie |
|---|---|---|---|---|
| IE 9* | WinINet | Passed | Failed | Failed |
| Firefox 4* | Mozilla HTTP | Passed | Passed | Failed |
| Chrome* | Own [1] | Passed | Failed | Failed |

* The results should be considered verified on a standard installation with default settings.

Distinct Characteristics

Each HTTP request sent by the Mobile LOIC tool contains the id parameter described in HTTP Request Format. This parameter's value depends on time, but it is relatively constant within the timeframe which characterizes popular DoS attacks. This value may be used to distinctly detect the attacking traffic.

Investigation and Analysis of the Mobile LOIC Tool

The investigation was conducted with the aim of discovering the best countermeasure against the LOIC tool, the central question being whether it is possible for an inline device to effectively mitigate the attack and also affect the way the tool operates. The investigation was conducted using mainly code analysis and experimentation.

Code Analysis

The publicly available JavaScript code of the tool was analyzed. It was observed that the tool generates HTTP requests using the img.setAttribute function. This causes the browser to produce an HTTP GET request according to the parameters of the function.

Experiment

The tool was run, and the effect of different connection-handling actions was observed.
Figure 2: Stage 1, the switch forwards the attacking traffic

For the setup illustrated in Figure 2, a network switch which is able to perform several TCP operations was required. In this case, DefensePro was used. The setup has a DefensePro device positioned between an attacker running Mobile LOIC and an Apache HTTP server.

In Stage 1, the DefensePro device was configured to forward the LOIC traffic to the server. The traffic was monitored using DefensePro Real-Time Monitoring.

In Stage 2, once a relatively stable attack rate was achieved, the DefensePro device was configured to drop the attack traffic, suspend the source IP, or block the traffic and send a reset packet to the attack source, as shown in Figure 3.

Figure 3: Stage 2, the switch drops, suspends or resets the connection or source

Results

Figures 4, 5, and 6 show results for the Drop, Reset, and Drop and Suspend actions on detection of the Mobile LOIC tool. The green line in the graphs indicates incoming traffic, the blue line indicates passed traffic, and the yellow line shows discarded traffic.

In all three graphs, the low starting green level signifies background traffic which is considered legitimate. The beginning of the attack is characterized by a sharp rise in the green and blue levels. The beginning of the action is characterized by a sharp decrease in the green and blue lines. The significant difference between the three actions may be seen from what happens shortly after the action is started.
Drop Action

Once the action is applied, the attacking traffic does drop, but not completely. Spikes in the green line indicate that the tool retries the requests at set intervals. Those intervals correspond to the timeouts during which the browser waits for the reply. When the timeout expires, the connection is terminated and a new connection with a new request is generated.

Reset Action

Once the action is applied, the traffic drops for a short time and then quickly increases to even higher than the initial no-action state. This result is explained by the way the browser is limited in opening new connections. When the browser sends a new request, there is a timeout in which it waits for the reply. If the connection is reset, the timeout is artificially terminated and there is space to open a new connection more quickly.

Drop and Suspend Action

Once the action is applied, the traffic quickly drops to the level of the background traffic. This is because the suspend action causes the TCP-layer traffic of the attacking source to be cleared from the network.

Figure 4: Real-time monitoring of traffic, Drop action
Figure 5: Real-time monitoring of traffic, Reset action

Figure 6: Real-time monitoring of traffic, Drop and Suspend action
Conclusion

The experiment described in this document shows the significance of the action chosen on detection of DoS attack tools. While one action may clear the network, help the protected server to keep operating, and even counter the tool by causing it to send fewer requests, the wrong action may indirectly help the tool and cause it to send requests more quickly.

Drop and Suspend is the most efficient action against the current version of Mobile LOIC. This action causes the tool to retry requests at a slower rate while keeping the network clear of attack traffic.

| Counter Attack | Reset | Drop | Drop and Suspend |
|---|---|---|---|
| Impact on traffic generated by the tool | Increased | Decreased to ~30% | Decreased to ~10% |
| Impact on attack traffic which reached the server | Increased | Decreased to ~10% | Decreased to 0 |

Radware Security Operations Center

© 2012 Radware, Ltd. All Rights Reserved. Radware and all other Radware product and service names are registered trademarks of Radware in the U.S. and other countries. All other trademarks and names are the property of their respective owners.
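
Added example (not part of the Radware note and not DefensePro logic): one way to turn the id/msg fingerprint from "Distinct Characteristics" into a list of sources for the Drop and Suspend action, run over constructed access-log lines. The log format, thresholds, function names, and the assumption that id is purely numeric with stable leading digits are illustrative.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from os.path import commonprefix  # character-wise common prefix of strings
from urllib.parse import urlsplit, parse_qs

# All thresholds below are assumptions chosen for the sample data.
WINDOW = timedelta(seconds=10)       # sliding window per source
MIN_HITS = 5                         # fingerprinted requests needed in the window
MIN_PREFIX = 6                       # leading id digits that must stay constant
SUSPEND_FOR = timedelta(minutes=10)  # suspension period for a flagged source

# Constructed sample in common log format; addresses are documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Feb/2012:10:00:01 +0000] "GET /?id=1328868001123&msg=hello HTTP/1.1" 200 512
192.0.2.55 - - [10/Feb/2012:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 2048
198.51.100.7 - - [10/Feb/2012:10:00:01 +0000] "GET /?id=1328868001480&msg=hello HTTP/1.1" 200 512
203.0.113.20 - - [10/Feb/2012:10:00:01 +0000] "GET /forum/post?id=17&msg=thanks HTTP/1.1" 200 900
198.51.100.7 - - [10/Feb/2012:10:00:01 +0000] "GET /?id=1328868001902&msg=hello HTTP/1.1" 200 512
203.0.113.20 - - [10/Feb/2012:10:00:02 +0000] "GET /forum/post?id=9042&msg=ok HTTP/1.1" 200 900
198.51.100.7 - - [10/Feb/2012:10:00:02 +0000] "GET /?id=1328868002245&msg=hello HTTP/1.1" 200 512
203.0.113.20 - - [10/Feb/2012:10:00:02 +0000] "GET /forum/post?id=311&msg=hi HTTP/1.1" 200 900
198.51.100.7 - - [10/Feb/2012:10:00:02 +0000] "GET /?id=1328868002671&msg=hello HTTP/1.1" 200 512
203.0.113.20 - - [10/Feb/2012:10:00:03 +0000] "GET /forum/post?id=58&msg=yes HTTP/1.1" 200 900
198.51.100.7 - - [10/Feb/2012:10:00:03 +0000] "GET /?id=1328868003010&msg=hello HTTP/1.1" 200 512
203.0.113.20 - - [10/Feb/2012:10:00:03 +0000] "GET /forum/post?id=7700&msg=no HTTP/1.1" 200 900
192.0.2.55 - - [10/Feb/2012:10:00:04 +0000] "POST /contact?id=1328868004555&msg=x HTTP/1.1" 200 64
192.0.2.55 - - [10/Feb/2012:10:00:05 +0000] "GET /?id=1328868005001&msg= HTTP/1.1" 200 512
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" \d{3} \S+')


def loic_id(method, target):
    """Return the id value if the request has the GET + id + msg shape, else None."""
    if method != "GET":
        return None
    # keep_blank_values: the msg field may be left empty in the tool's form.
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    ids = params.get("id", [])
    if "msg" not in params or len(ids) != 1:
        return None
    value = ids[0]
    return value if value.isascii() and value.isdigit() else None


def sources_to_suspend(log_text):
    """Map source IP -> time until which its traffic should be dropped and suspended."""
    recent = defaultdict(deque)  # source -> (timestamp, id) pairs inside the window
    suspended = {}
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue
        src, stamp, method, target = match.groups()
        when = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        if src in suspended and when < suspended[src]:
            continue  # still suspended: an inline device would already drop this
        rid = loic_id(method, target)
        if rid is None:
            continue
        hits = recent[src]
        hits.append((when, rid))
        while when - hits[0][0] > WINDOW:
            hits.popleft()
        # A burst alone is not enough: the id values must also share their
        # leading digits, which is what separates the tool from an ordinary
        # page that happens to use id and msg parameters.
        shared = commonprefix([i for _, i in hits])
        if len(hits) >= MIN_HITS and len(shared) >= MIN_PREFIX:
            suspended[src] = when + SUSPEND_FOR
            hits.clear()
    return suspended


if __name__ == "__main__":
    for source, until in sources_to_suspend(SAMPLE_LOG).items():
        print(f"suspend {source} until {until.isoformat()}")
```

The forum client at 203.0.113.20 sends just as many id/msg requests as the flagged source but is left alone because its id values share no leading digits.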
More information2011 Global Application
20 11 Global Application & Network Security Report 2011 Global Application & Network Security Report Smart Network. Smart Business. Table of Contents 01 02 03 Executive Summary» Most important findings
More informationNETWORK SECURITY. Ch. 3: Network Attacks
NETWORK SECURITY Ch. 3: Network Attacks Contents 3.1 Network Vulnerabilities 3.1.1 Media-Based 3.1.2 Network Device 3.2 Categories of Attacks 3.3 Methods of Network Attacks 03 NETWORK ATTACKS 2 3.1 Network
More informationDistributed Denial of Service
Distributed Denial of Service Vimercate 17 Maggio 2005 anegroni@cisco.com DDoS 1 Agenda PREFACE EXAMPLE: TCP EXAMPLE: DDoS CISCO S DDoS SOLUTION COMPONENTS MODES OF PROTECTION DETAILS 2 Distributed Denial
More informationRadware. Training Policies V001.70
Radware Training Policies V001.70 TABLE OF CONTENTS SCOPE & DISCLAIMER...3 QUESTIONS?...3 TRAINING...4 OVERVIEW... 4 DELIVERY OPTIONS... 4 TRAINING ENROLLMENT & REGISTRATION... 5 COURSE EVALUATION... 5
More informationLoadbalancer.org Virtual Appliance quick start guide v6.3
Loadbalancer.org Virtual Appliance quick start guide v6.3 What are your objectives?...2 What is the difference between a one-arm and a two-arm configuration?...2 What are the different load balancing methods
More informationWeb Mechanisms. Draft: 2/23/13 6:54 PM 2013 Christopher Vickery
Web Mechanisms Draft: 2/23/13 6:54 PM 2013 Christopher Vickery Introduction While it is perfectly possible to create web sites that work without knowing any of their underlying mechanisms, web developers
More informationBandwidth Management in Radware s APSolute OS Architecture
Bandwidth Management in Radware s APSolute OS Architecture North America Radware Inc. 575 Corporate Dr Suite 205 Mahwah, NJ 07430 Tel 888 234 5763 International Radware Ltd. 22 Raoul Wallenberg St Tel
More informationBIG-IP Application Security Manager : Implementations. Version 13.0
BIG-IP Application Security Manager : Implementations Version 13.0 Table of Contents Table of Contents Preventing DoS Attacks on Applications... 13 What is a DoS attack?...13 About recognizing DoS attacks...
More informationCloudflare CDN. A global content delivery network with unique performance optimization capabilities
Cloudflare CDN A global content delivery network with unique performance optimization capabilities 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com Overview Cloudflare provides a global content
More informationConfiguring Caching Services
CHAPTER 8 This chapter describes how to configure conventional caching services (HTTP, FTP [FTP-over-HTTP caching and native FTP caching], HTTPS, and DNS caching) for centrally managed Content Engines.
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationChapter 7. Denial of Service Attacks
Chapter 7 Denial of Service Attacks DoS attack: An action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as central processing units (CPU),
More informationCisco IOS HTTP Services Command Reference
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION
More information