Herding Cats. Carl Brothers, F5 Field Systems Engineer

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Herding Cats. Carl Brothers, F5 Field Systems Engineer"

Transcription

1 Herding Cats Carl Brothers, F5 Field Systems Engineer

2 Agenda Introductions Security is easy, right Trivia Protecting your apps, one layer at a time How to survive an Attack Time permitting F5 Networks, Inc 2

3 Securing applications can be complex Ownership Challenges with security team making the dev team fix vulnerabilities Attack visibility Is often lacking details to truly track and identify attacks and their source, and ensure compliance and forensics Webification Impossible to build safeguards into applications in a timely manner Changing threats increasing in complexity that requires intelligence and on-going learning Scalability and performance Needed to ensure services are available during the onset of aggressive attacks F5 Networks, Inc 3

4 Common attacks on web applications CSRF Cookie manipulation OWASP top 10 Brute force attacks Forceful browsing Buffer overflows Web scraping Parameter tampering SQL injections Information leakage Field manipulation Session high jacking Cross-site scripting Zero-day attacks Command injection ClickJacking Bots Business logic flaws F5 Networks, Inc 4

5 F5 Networks, Inc 5

6 Quick Trivia the Cuckoo s Egg

7 Trivia Question 1 What do the following have in common? , the Hacker Quarterly 2. Captain Crunch 3. Blue Box F5 Networks, Inc 7

8 Trivia Question 2 What do these things have in common? Waste of computer time at Harvard One of Homer s greatest works Doggonit, it s hard to compute F5 Networks, Inc 8

9 Trivia Question 3 Band who sang the song Low Rider? F5 Networks, Inc 9

10 Protecting your apps, one layer at a time

11 Attacks by the Layer Increasing difficulty of attack detection OSI stack Physical (1) Data Link (2) Network (3) Transport (4) Session (5) Presentation (6) Application (7) OSI stack Network attacks SYN Flood, Connection Flood, UDP Flood, Push and ACK Floods, Teardrop, ICMP Floods, Ping Floods and Smurf Attacks Session attacks DNS UDP Floods, DNS Query Floods, DNS NXDOMAIN Floods, SSL Floods, SSL Renegotiation Application attacks OWASP Top 10 (SQL Injection, XSS, CSRF, etc.), Slowloris, Slow Post, HashDos, GET Floods F5 Networks, Inc 11

12 Reference Architecture Next-Generation Firewall Corporate Users Tier 1 Tier 2 Multiple ISP strategy Network attacks: ICMP flood, UDP flood, SYN flood SSL attacks: SSL renegotiation, SSL flood Financial Services Legitimate Users DDoS Attacker ISPa/b Cloud Scrubbing Service DNS attacks: DNS amplification, query flood, dictionary attack, DNS poisoning Network and DNS IPS HTTP attacks: Slowloris, slow POST, recursive POST/GET Application E-Commerce Subscriber Threat Feed Intelligence Scanner Anonymous Proxies Anonymous Requests Botnet Attackers Strategic Point of Control F5 Networks, Inc 12

13 Reference Architecture Next-Generation Firewall Corporate Users TIER 1 KEY FEATURES Legitimate Users DDoS Attacker Multiple ISP strategy ISPa/b Cloud Scrubbing Service Threat Feed Intelligence Network attacks: ICMP flood, UDP flood, SYN flood DNS attacks: DNS amplification, query flood, dictionary attack, DNS poisoning Tier 1 Network and DNS Tier 2 The first tier at the SSL attacks: perimeter SSL renegotiation, is layer 3 SSL flood and 4 network firewall services Simple load balancing Application to a second tier HTTP attacks: Slowloris, slow POST, recursive POST/GET IP reputation database IPS Mitigates volumetric and DNS DDoS attacks Financial Services E-Commerce Subscriber Scanner Anonymous Proxies Anonymous Requests Botnet Attackers Strategic Point of Control F5 Networks, Inc 13

14 F5 Networks, Inc 14

15 Threat Feed intelligence Botnet Restricted region or country IP intelligence service Attacker Custom application Anonymous requests Financial application Anonymous proxies Scanner Geolocation database Internally infected devices and servers F5 Networks, Inc 15

16 Reference Architecture Next-Generation Firewall Corporate Users TIER 2 KEY FEATURES Legitimate Users DDoS Attacker Multiple ISP strategy ISPa/b Cloud Scrubbing Service Threat Feed Intelligence Tier 1 The second tier is for Network ICMP flood, attacks: application-aware, UDP flood, SYN flood CPU-intensive defense mechanisms SSL termination DNS DNS amplification, attacks: query flood, dictionary attack, DNS poisoning Network and DNS Web application firewall Mitigate asymmetric and SSL-based DDoS attacks IPS SSL attacks: SSL renegotiation, SSL flood HTTP attacks: Slowloris, slow POST, recursive POST/GET Tier 2 Application Financial Services E-Commerce Subscriber Scanner Anonymous Proxies Anonymous Requests Botnet Attackers Strategic Point of Control F5 Networks, Inc 16

17 Using a full-proxy architecture WAF WAF Slowloris attack XSS HTTP HTTP Data leakage SSL renegotiation SYN flood ICMP flood SSL TCP SSL TCP Network Firewall F5 Networks, Inc 17

18 Layer 7 Attack Examples Attacks Slowloris XerXes DoS LOIC/HOIC Slow POST (RUDY) #RefRef DoS Apache Killer HashDos Active (Since) Jun 2009 Feb 2010 Nov 2010 Nov 2010 Jul 2011 Aug 2011 Dec 2011 Threat /Flaw HTTP Get Request, Partial Header Flood TCP (8 times increase, 48 threads) TCP/UDP/ HTTP Get floods HTTP web form field, Slow 1byte send Exploit SQLi for recursive SQL ops Overlapping HTTP ranges Overwhelms hash tables of all popular web platforms Java, ASP, Apache, Tomcat. Impact Attack can be launched remotely, Denial of Services (DOS), Resource Exhaustion, tools and script publicly available F5 Networks, Inc 18

19 Which technology to use? CLOUD/HOSTED SERVICE ON-PREMISES DEFENSE Content delivery network Network firewall with SSL inspection Communications service provider Web application firewall Cloud-based DDoS service On-premises DDoS solution Intrusion detection/prevention F5 Networks, Inc 19

20 The Answer: All of the Above F5 Networks, Inc 20

21 F5 Networks, Inc 21

22 How to survive an Attack To the uninitiated, an attack can be a scary, stressful ordeal. Sometimes the first attack can appear randomly. Sometimes a competitor knows exactly the right (or wrong) day to take your high-value service offline. An outage like this can cause panic and force people into making decisions that they normally wouldn t make such as paying a high ransom to stop an attack.

23 F5 Networks, Inc 23

24 Prework There are 5 worksheets to complete that will assist in repelling a DDoS attack. If you have not recorded this information prior to your first attack, record it as you collect it. Then you can laminate these worksheets and keep them on the datacenter wall. F5 Networks, Inc 24

25 Worksheets Contact List fill it out as you initiate contact. Whitelists map your partners, users and services. Application Triage know your own applications Device Map Create a device map. Attack Log Note the attack details F5 Networks, Inc 25

26 Ten Survival Guidelines 1. Verify the Attack 2. Contact the Team Leads 3. Triage Applications 4. Identify the Attack 5. Protect remote Users and Partners F5 Networks, Inc 26

27 Ten Survival Guidelines 6. Evaluate Source Address Mitigation Options 7. Mitigate Specific Application Attacks 8. Increase Application-Level Security Posture 9. Constrain Resources 10. Additional Considerations Contact me for the full 15 page source document. F5 Networks, Inc 27

28 Contact Info: Carl Brothers F5 Networks, Inc 28

29

Comprehensive datacenter protection

Comprehensive datacenter protection Comprehensive datacenter protection There are several key drivers that are influencing the DDoS Protection market: DDoS attacks are increasing in frequency DDoS attacks are increasing in size DoS attack

More information

Securing and Accelerating the InteropNOC with F5 Networks

Securing and Accelerating the InteropNOC with F5 Networks Securing and Accelerating the InteropNOC with F5 Networks Joe Wojcik - Consultant II - J.Wojcik@F5.com Ken Bocchino - Principal Systems Architect KB@F5.com Agenda Overview of F5 SPDY (Pronounced Speedy

More information

F5 Synthesis Information Session. April, 2014

F5 Synthesis Information Session. April, 2014 F5 Synthesis Information Session April, 2014 Agenda Welcome and Introduction to Customer Technology Challenges Software Defined Application Services Reference Architectures for Today s Customer Challenges

More information

What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics

What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics Vision: Everything as a service Speed Scalability Speed to Market

More information

BIG-IP otse vastu internetti. Kas tulemüüri polegi vaja?

BIG-IP otse vastu internetti. Kas tulemüüri polegi vaja? BIG-IP otse vastu internetti. Kas tulemüüri polegi vaja? Tarmo Mamers Heigo Mansberg Network Firewall Imagery stackexchange.com Network Firewall Functions Network Firewall Traffic OUTSIDE INSIDE INBOUND

More information

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe F5 comprehensive protection against application attacks Jakub Sumpich Territory Manager Eastern Europe j.sumpich@f5.com Evolving Security Threat Landscape cookie tampering Identity Extraction DNS Cache

More information

Estrategias de mitigación de amenazas a las aplicaciones bancarias. Carlos Valencia Sales Engineer - LATAM

Estrategias de mitigación de amenazas a las aplicaciones bancarias. Carlos Valencia Sales Engineer - LATAM Estrategias de mitigación de amenazas a las aplicaciones bancarias. Carlos Valencia Sales Engineer - LATAM c.valencia@f5.com 2017 F5 Networks 1 - - - - - - - 2017 F5 Networks 2 2017 F5 Networks 3 The Big

More information

KEEPING THE BAD GUYS OUT WHILE LETTING THE GOOD GUYS IN. Paul Deakin Federal Field Systems Engineer

KEEPING THE BAD GUYS OUT WHILE LETTING THE GOOD GUYS IN. Paul Deakin Federal Field Systems Engineer KEEPING THE BAD GUYS OUT WHILE LETTING THE GOOD GUYS IN Paul Deakin Federal Field Systems Engineer F5 MISSION Deliver the most secure, fast, and reliable applications to anyone anywhere at any time. F5

More information

haltdos - Web Application Firewall

haltdos - Web Application Firewall haltdos - DATASHEET Delivering best-in-class protection for modern enterprise Protect your website against OWASP top-10 & Zero-day vulnerabilities, DDoS attacks, and more... Complete Attack Protection

More information

RETHINKING DATA CENTER SECURITY. Reed Shipley Field Systems Engineer, CISSP State / Local Government & Education

RETHINKING DATA CENTER SECURITY. Reed Shipley Field Systems Engineer, CISSP State / Local Government & Education RETHINKING DATA CENTER SECURITY Reed Shipley r.shipley@f5.com Field Systems Engineer, CISSP State / Local Government & Education http://gcn.com/blogs/cybereye/2013/10/it-professionals-survey.aspx September

More information

Integrated Web Application Firewall (WAF) & Distributed Denial Of Service (DDoS) Mitigation For Today s Enterprises

Integrated Web Application Firewall (WAF) & Distributed Denial Of Service (DDoS) Mitigation For Today s Enterprises Integrated Web Application Firewall (WAF) & Distributed Denial Of Service (DDoS) Mitigation For Today s Enterprises AI-driven website & network protection service that secures online businesses from today's

More information

WHITE PAPER. DDoS of Things SURVIVAL GUIDE. Proven DDoS Defense in the New Era of 1 Tbps Attacks

WHITE PAPER. DDoS of Things SURVIVAL GUIDE. Proven DDoS Defense in the New Era of 1 Tbps Attacks WHITE PAPER 2017 DDoS of Things SURVIVAL GUIDE Proven DDoS Defense in the New Era of 1 Tbps Attacks Table of Contents Cyclical Threat Trends...3 Where Threat Actors Target Your Business...4 Network Layer

More information

Silverline DDoS Protection. Filip Verlaeckt

Silverline DDoS Protection. Filip Verlaeckt Silverline DDoS Protection Filip Verlaeckt f.verlaeckt@f5.com The evolution of attackers September 1996 First high profile DDoS attack. NY ISP Panix.com that was nearly put out of business. January 2008

More information

Architecture: Consolidated Platform. Eddie Augustine Major Accounts Manager: Federal

Architecture: Consolidated Platform. Eddie Augustine Major Accounts Manager: Federal Architecture: Consolidated Platform Eddie Augustine Major Accounts Manager: Federal Current DoD Situation Stovepipes of Technology icontrol Customization irules Solutions Security Access Availability Load

More information

Secure your Web Applications with AWS WAF & AWS Shield. James Chiang ( 蔣宗恩 ) AWS Solution Architect

Secure your Web Applications with AWS WAF & AWS Shield. James Chiang ( 蔣宗恩 ) AWS Solution Architect Secure your Web Applications with AWS WAF & AWS Shield James Chiang ( 蔣宗恩 ) AWS Solution Architect www.cloudsec.com What to expect from this session Types of Threats AWS Shield AWS WAF DEMO Real World

More information

Imma Chargin Mah Lazer

Imma Chargin Mah Lazer Imma Chargin Mah Lazer How to protect against (D)DoS attacks Oliver Matula omatula@ernw.de #2 Denial of Service (DoS) Outline Why is (D)DoS protection important? Infamous attacks of the past What types

More information

Cloudflare Advanced DDoS Protection

Cloudflare Advanced DDoS Protection Cloudflare Advanced DDoS Protection Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com

More information

Chapter 7. Denial of Service Attacks

Chapter 7. Denial of Service Attacks Chapter 7 Denial of Service Attacks DoS attack: An action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as central processing units (CPU),

More information

Mitigating DDoS A acks with F5 Technology

Mitigating DDoS A acks with F5 Technology Mitigating DDoS A acks with F5 Technology Distributed denial-of-service attacks may be organized by type into a taxonomy that includes network attacks (layers 3 and 4), session attacks (layers 5 and 6),

More information

Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution

Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution (Layer 3/4 and Layer 7) Delivering best-in-class network and web application security to the modern enterprise

More information

Radware s Attack Mitigation Solution Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

Radware s Attack Mitigation Solution Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper SHARE THIS WHITEPAPER Radware s Attack Mitigation Solution Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Understanding the Threat

More information

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and

More information

THUNDER WEB APPLICATION FIREWALL

THUNDER WEB APPLICATION FIREWALL SOLUTION BRIEF THUNDER WEB APPLICATION FIREWALL STOP WEB ATTACKS TO PREVENT COSTLY DATA BREACHES MOBILE USERS REQUIRE SECURE ALWAYS-ON NETWORK ACCESS Web applications have become the number one battlefield

More information

DATACENTER SECURITY. Paul Deakin System Engineer, F5 Networks

DATACENTER SECURITY. Paul Deakin System Engineer, F5 Networks DATACENTER SECURITY Paul Deakin System Engineer, F5 Networks Datacenter Security Needs To scale To secure To simplify Scale for a work-anywhere / SSL everywhere world. Security for applications and data

More information

Advanced Techniques for DDoS Mitigation and Web Application Defense

Advanced Techniques for DDoS Mitigation and Web Application Defense Advanced Techniques for DDoS Mitigation and Web Application Defense Dr. Andrew Kane, Solutions Architect Giorgio Bonfiglio, Technical Account Manager June 28th, 2017 2017, Amazon Web Services, Inc. or

More information

WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING

WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING A STRONG PARTNER COMPANY Link11 - longstanding security experience Link11 is a European IT security provider, headquartered in Frankfurt, Germany

More information

Cyber Attacks and Application - Motivation, Methods and Mitigation. Alfredo Vistola Solution Architect Security, EMEA

Cyber Attacks and Application - Motivation, Methods and Mitigation. Alfredo Vistola Solution Architect Security, EMEA Cyber Attacks and Application - Motivation, Methods and Mitigation Alfredo Vistola a.vistola@f5.com Solution Architect Security, EMEA Attacks are Moving Up the Stack Network Threats Application Threats

More information

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8 Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 8 System Vulnerabilities and Denial of Service Attacks System Vulnerabilities and

More information

snoc Snoc DDoS Protection Fast Secure Cost effective Introduction Snoc 3.0 Global Scrubbing Centers Web Application DNS Protection

snoc Snoc DDoS Protection Fast Secure Cost effective Introduction Snoc 3.0 Global Scrubbing Centers Web Application DNS Protection Snoc DDoS Protection Fast Secure Cost effective sales@.co.th www..co.th securenoc Introduction Snoc 3.0 Snoc DDoS Protection provides organizations with comprehensive protection against the most challenging

More information

Protect your apps and your customers against application layer attacks

Protect your apps and your customers against application layer attacks Protect your apps and your customers against application layer attacks Development 1 IT Operations VULNERABILITY DETECTION Bots, hackers, and other bad actors will find and exploit vulnerabilities in web

More information

ERT Threat Alert New Risks Revealed by Mirai Botnet November 2, 2016

ERT Threat Alert New Risks Revealed by Mirai Botnet November 2, 2016 Abstract The Mirai botnet struck the security industry in three massive attacks that shook traditional DDoS protection paradigms, proving that the Internet of Things (IoT) threat is real and the grounds

More information

A10 DDOS PROTECTION CLOUD

A10 DDOS PROTECTION CLOUD DATA SHEET A10 DDOS PROTECTION CLOUD A10 Networks provides full spectrum DDoS defenses. This includes multi-vector protection from attacks of any type to ensure the availability of enterprise business

More information

Pushed to the Limit! Network and Application Security Threat Landscape Lior Zamir Technical Account Manager

Pushed to the Limit! Network and Application Security Threat Landscape Lior Zamir Technical Account Manager Pushed to the Limit! Network and Application Security Threat Landscape 2017-8 Lior Zamir Technical Account Manager January 2018 2 About Radware 3 About Radware Market Leader in Application Availability

More information

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business

More information

68% 63% 50% 25% 24% 20% 17% Credit Theft. DDoS. Web Fraud. Cross-site Scripting. SQL Injection. Clickjack. Cross-site Request Forgery.

68% 63% 50% 25% 24% 20% 17% Credit Theft. DDoS. Web Fraud. Cross-site Scripting. SQL Injection. Clickjack. Cross-site Request Forgery. PRESENTED BY: Credit Theft 68% DDoS 63% Web Fraud 50% Cross-site Scripting SQL Injection Clickjack Cross-site Request Forgery 25% 24% 20% 17% Other 2% F5 Ponemon Survey -Me East-West Traffic Flows App

More information

Intelligent and Secure Network

Intelligent and Secure Network Intelligent and Secure Network BIG-IP IP Global Delivery Intelligence v11.2 IP Intelligence Service Brian Boyan - b.boyan@f5.com Tony Ganzer t.ganzer@f5.com 2 Agenda Welcome & Intro Introduce F5 IP Intelligence

More information

Key Considerations in Choosing a Web Application Firewall

Key Considerations in Choosing a Web Application Firewall Key Considerations in Choosing a Web Application Firewall Today, enterprises are extending their businesses by using more web-based and cloud-hosted applications, so a robust and agile web application

More information

Introduction Who needs WAF anyway? The Death of WAF? Advanced WAF Why F5?

Introduction Who needs WAF anyway? The Death of WAF? Advanced WAF Why F5? Introduction Who needs WAF anyway? The Death of WAF? Advanced WAF Why F5? https://laurent22.github.io/so-injections/ https://laurent22.github.io/so-injections/ 13 major airlines flight information credit

More information

Corrigendum 3. Tender Number: 10/ dated

Corrigendum 3. Tender Number: 10/ dated (A premier Public Sector Bank) Information Technology Division Head Office, Mangalore Corrigendum 3 Tender Number: 10/2016-17 dated 07.09.2016 for Supply, Installation and Maintenance of Distributed Denial

More information

86% of websites has at least 1 vulnerability and an average of 56 per website WhiteHat Security Statistics Report 2013

86% of websites has at least 1 vulnerability and an average of 56 per website WhiteHat Security Statistics Report 2013 Vulnerabilities help make Web application attacks amongst the leading causes of data breaches +7 Million Exploitable Vulnerabilities challenge organizations today 86% of websites has at least 1 vulnerability

More information

Imperva Incapsula Product Overview

Imperva Incapsula Product Overview Product Overview DA T A SH E E T Application Delivery from the Cloud Whether you re running a small e-commerce business or in charge of IT operations for an enterprise, will improve your website security

More information

A GUIDE TO DDoS PROTECTION

A GUIDE TO DDoS PROTECTION HTTP CACHE BYPASS FLOOD THINK APP SECURITY FIRST CHOOSING THE RIGHT MODEL A GUIDE TO DDoS PROTECTION DNS AMPLIFICATION INTRODUCTION By thinking proactively about DDoS defense, organizations can build a

More information

We b Ap p A t ac ks. U ser / Iden tity. P hysi ca l 11% Other (VPN, PoS,infra.)

We b Ap p A t ac ks. U ser / Iden tity. P hysi ca l 11% Other (VPN, PoS,infra.) We b Ap p A t ac ks U ser / Iden tity 33% 53% Apps And Identities Initial Targets In 86% Of Breaches P hysi ca l 11% Other (VPN, PoS,infra.) 3% Fix vulnerabilities Stop web attacks Risk & compliance What

More information

Application Security. Rafal Chrusciel Senior Security Operations Analyst, F5 Networks

Application Security. Rafal Chrusciel Senior Security Operations Analyst, F5 Networks Application Security Rafal Chrusciel Senior Security Operations Analyst, F5 Networks r.chrusciel@f5.com Agenda Who are we? Anti-Fraud F5 Silverline DDOS protection WAFaaS Threat intelligence & malware

More information

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74 Analysis of the Global Distributed Denial of Service (DDoS) Mitigation Market Abridged Version Rise of the DDoS Attack Spurs Demand for Comprehensive Solutions A custom excerpt from Frost & Sullivan s

More information

COMPUTER NETWORK SECURITY

COMPUTER NETWORK SECURITY COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (7 th Week) 7. Denial-of-Service Attacks 7.Outline Denial of Service Attacks Flooding Attacks Distributed Denial of Service Attacks Application Based

More information

Sam Pickles, F5 Networks A DAY IN THE LIFE OF A WAF

Sam Pickles, F5 Networks A DAY IN THE LIFE OF A WAF Sam Pickles, F5 Networks A DAY IN THE LIFE OF A WAF Who am I? Sam Pickles Senior Engineer for F5 Networks WAF Specialist and general security type Why am I here? We get to see the pointy end of a lot of

More information

August 14th, 2018 PRESENTED BY:

August 14th, 2018 PRESENTED BY: August 14th, 2018 PRESENTED BY: APPLICATION LAYER ATTACKS 100% 80% 60% 40% 20% 0% DNS is the second most targeted protocol after HTTP. DNS DoS techniques range from: Flooding requests to a given host.

More information

Beyond Blind Defense: Gaining Insights from Proactive App Sec

Beyond Blind Defense: Gaining Insights from Proactive App Sec Beyond Blind Defense: Gaining Insights from Proactive App Sec Speaker Rami Essaid CEO Distil Networks Blind Defense Means Trusting Half Your Web Traffic 46% of Web Traffic is Bots Source: Distil Networks

More information

Presenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe

Presenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe Presenting the ware NSX ECO System May 2015 Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe Agenda 10:15-11:00 ware NSX, the Network Virtualization Platform 11.15-12.00 Palo Alto

More information

Enterprise D/DoS Mitigation Solution offering

Enterprise D/DoS Mitigation Solution offering Enterprise D/DoS Mitigation Solution offering About the Domain TCS Enterprise Security and Risk Management (ESRM) offers full services play in security with integrated security solutions. ESRM s solution

More information

Configuring attack detection and prevention 1

Configuring attack detection and prevention 1 Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack

More information

DDoS Detection&Mitigation: Radware Solution

DDoS Detection&Mitigation: Radware Solution DDoS Detection&Mitigation: Radware Solution Igor Urosevic Head of Technical Department SEE CCIE #26391 Ingram Micro Inc. 1 Agenda DDoS attack overview Main point of failures Key challenges today DDoS protection

More information

Configuring attack detection and prevention 1

Configuring attack detection and prevention 1 Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack

More information

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications Enabling and Securing Digital Business in Economy Protect s Serving Business Critical Applications 40 percent of the world s web applications will use an interface Most enterprises today rely on customers

More information

Cyber War Chronicles Stories from the Virtual Trenches

Cyber War Chronicles Stories from the Virtual Trenches Cyber War Chronicles Stories from the Virtual Trenches Ron Winward Security Evangelist Radware, Inc. March 17, 2016 Background on the Radware Report Key Cyber Attack Trends for 2015-2016 Case Study: Look

More information

the Breakdown of Perimeter Defenses

the Breakdown of Perimeter Defenses WikiLeak s Operation Payback and the Breakdown of Perimeter Defenses Carl W. Herberger Radware Session ID:SPO2-304 Session Classification: Sponsor Case Studies Agenda DDoS/DoS Attacks Have Matured Recap

More information

Threat Pragmatics. Target 6/19/ June 2018 PacNOG 22, Honiara, Solomon Islands Supported by:

Threat Pragmatics. Target 6/19/ June 2018 PacNOG 22, Honiara, Solomon Islands Supported by: Threat Pragmatics 25-29 June 2018 PacNOG 22, Honiara, Solomon Islands Supported by: Issue Date: Revision: 1 Target Many sorts of targets: Network infrastructure Network services Application services User

More information

Fighting the Shadows: How to Stop Real-world Cybersecurity Application Threats That You Can t See

Fighting the Shadows: How to Stop Real-world Cybersecurity Application Threats That You Can t See Fighting the Shadows: How to Stop Real-world Cybersecurity Application Threats That You Can t See Louis Scialabba Carrier Solutions Marketing Nov 2015 November 16, 2015 Topics What s New in Cybersecurity

More information

DoS Cyber Attack on a Government Agency in Europe- April 2012 Constantly Changing Attack Vectors

DoS Cyber Attack on a Government Agency in Europe- April 2012 Constantly Changing Attack Vectors DoS Cyber Attack on a Government Agency in Europe- April 2012 Constantly Changing Attack Vectors 1 Table of Content Preamble...3 About Radware s DefensePro... 3 About Radware s Emergency Response Team

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks

Security+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks Security+ Guide to Network Security Fundamentals, Fourth Edition Network Attacks Denial of service Attacks Introduction: What is DoS? DoS attack is an attempt (malicious or selfish) by an attacker to cause

More information

Check Point DDoS Protector Introduction

Check Point DDoS Protector Introduction Check Point DDoS Protector Introduction Petr Kadrmas SE Eastern Europe pkadrmas@checkpoint.com Agenda 1 (D)DoS Trends 2 3 4 DDoS Protector Overview Protections in Details Summary 2 (D)DoS Attack Methods

More information

DDoS Protector. Simon Yu Senior Security Consultant. Block Denial of Service attacks within seconds CISSP-ISSAP, MBCS, CEH

DDoS Protector. Simon Yu Senior Security Consultant. Block Denial of Service attacks within seconds CISSP-ISSAP, MBCS, CEH DDoS Protector Block Denial of Service attacks within seconds Simon Yu Senior Security Consultant CISSP-ISSAP, MBCS, CEH 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. 2012

More information

Solutions Business Manager Web Application Security Assessment

Solutions Business Manager Web Application Security Assessment White Paper Solutions Business Manager Solutions Business Manager 11.3.1 Web Application Security Assessment Table of Contents Micro Focus Takes Security Seriously... 1 Solutions Business Manager Security

More information

GOING WHERE NO WAFS HAVE GONE BEFORE

GOING WHERE NO WAFS HAVE GONE BEFORE GOING WHERE NO WAFS HAVE GONE BEFORE Andy Prow Aura Information Security Sam Pickles Senior Systems Engineer, F5 Networks NZ Agenda: WTF is a WAF? View from the Trenches Example Attacks and Mitigation

More information

Curso: Ethical Hacking and Countermeasures

Curso: Ethical Hacking and Countermeasures Curso: Ethical Hacking and Countermeasures Module 1: Introduction to Ethical Hacking Who is a Hacker? Essential Terminologies Effects of Hacking Effects of Hacking on Business Elements of Information Security

More information

F5 Application Security. Radovan Gibala Field Systems Engineer

F5 Application Security. Radovan Gibala Field Systems Engineer 1 F5 Application Security Radovan Gibala Field Systems Engineer r.gibala@f5.com +420 731 137 223 2007 2 Agenda Challenge Websecurity What are the problems? Building blocks of Web Applications Vulnerabilities

More information

Fregata. DDoS Mitigation Solution. Technical Specifications & Datasheet 1G-5G

Fregata. DDoS Mitigation Solution. Technical Specifications & Datasheet 1G-5G Fregata DDoS Mitigation Solution Technical Specifications & Datasheet 1G-5G Amidst fierce competition, your business cannot afford to slow down With HaltDos, you don t have to sacrifice productivity and

More information

2015 DDoS Attack Trends and 2016 Outlook

2015 DDoS Attack Trends and 2016 Outlook CDNetworks 2015 DDoS Attack Trends and 2016 Outlook 2016, January CDNetworks Security Service Team Table of Contents 1. Introduction... 3 2. Outline... 3 3. DDoS attack trends... 4 4. DDoS attack outlook

More information

DDoS Hybrid Defender. SSL Orchestrator. Comprehensive DDoS protection, tightly-integrated on-premises and cloud

DDoS Hybrid Defender. SSL Orchestrator. Comprehensive DDoS protection, tightly-integrated on-premises and cloud SSL Orchestrator DDoS Hybrid Defender All-in-one solution designed to deliver increased visibility into encrypted traffic Comprehensive DDoS protection, tightly-integrated on-premises and cloud Converts

More information

Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks

Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks So we are proposing a network intrusion detection system (IDS) which uses a Keywords: DDoS (Distributed Denial

More information

Anti-DDoS. FAQs. Issue 11 Date HUAWEI TECHNOLOGIES CO., LTD.

Anti-DDoS. FAQs. Issue 11 Date HUAWEI TECHNOLOGIES CO., LTD. Issue 11 Date 2018-05-28 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any

More information

DDoS Introduction. We see things others can t. Pablo Grande.

DDoS Introduction. We see things others can t. Pablo Grande. DDoS Introduction We see things others can t Pablo Grande pgrande@arbor.net DoS & DDoS. Unavailability! Interruption! Denial of Service (DoS) attack is an attempt to make a machine or network resource

More information

An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks

An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks abulletti@arbor.net Topics Covered The DDOS cyber threat and impacts Cyprus attacks trend in

More information

Cyber Security Guidelines Distributed Denial of Service (DDoS) Attacks

Cyber Security Guidelines Distributed Denial of Service (DDoS) Attacks Cyber Security Guidelines Distributed Denial of Service (DDoS) Attacks Version: 1.0 Author: Cyber Security Policy and Standards Document Published Date: March 2018 Table of Contents Version: 1.0 Page 1

More information

Web Applications Security. Radovan Gibala F5 Networks

Web Applications Security. Radovan Gibala F5 Networks Applications Security Radovan Gibala F5 Networks How does the current situation look like? Application Trends and Drivers ification of applications Intelligent browsers and applications Increasing regulatory

More information

sottotitolo System Security Introduction Milano, XX mese 20XX A.A. 2016/17 Federico Reghenzani

sottotitolo System Security Introduction Milano, XX mese 20XX A.A. 2016/17 Federico Reghenzani Titolo presentazione Piattaforme Software per la Rete sottotitolo System Security Introduction Milano, XX mese 20XX A.A. 2016/17 Outline 1) Introduction to System Security 2) Basic Exploits 3) Network

More information

2nd SIG-NOC meeting and DDoS Mitigation Workshop Scrubbing Away DDOS Attacks. 9 th November 2015

2nd SIG-NOC meeting and DDoS Mitigation Workshop Scrubbing Away DDOS Attacks. 9 th November 2015 2nd SIG-NOC meeting and DDoS Mitigation Workshop Scrubbing Away DDOS Attacks 9 th November 2015 AKAMAI SOLUTIONS WEB PERFORMANCE SOLUTIONS MEDIA DELIVERY SOLUTIONS CLOUD SECURITY SOLUTIONS CLOUD NETWORKING

More information

INTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

INTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC INTRODUCTION: DDOS ATTACKS 1 DDOS ATTACKS Though Denial of Service (DoS) and Distributed Denial of Service (DDoS) have been common attack techniques used by malicious actors for some time now, organizations

More information

Arbor Solution Brief Arbor Cloud for Enterprises

Arbor Solution Brief Arbor Cloud for Enterprises Arbor Solution Brief Arbor Cloud for Enterprises Integrated DDoS Protection from the Enterprise to the Cloud About Arbor Networks Arbor Networks Inc., the cyber security division of NETSCOUT, helps secure

More information

Denial of Service. Eduardo Cardoso Abreu - Federico Matteo Bencic - Pavel Alexeenko -

Denial of Service. Eduardo Cardoso Abreu - Federico Matteo Bencic - Pavel Alexeenko - Denial of Service Eduardo Cardoso Abreu - e.abreu@fe.up.pt Federico Matteo Bencic - up201501013@fe.up.pt Pavel Alexeenko - ei11155@fe.up.pt Index What is Denial of Service (DoS)? DoS vs DDoS (Distributed

More information

Understanding Cisco Cybersecurity Fundamentals

Understanding Cisco Cybersecurity Fundamentals 210-250 Understanding Cisco Cybersecurity Fundamentals NWExam.com SUCCESS GUIDE TO CISCO CERTIFICATION Exam Summary Syllabus Questions Table of Contents Introduction to 210-250 Exam on Understanding Cisco

More information

Additional Security Services on AWS

Additional Security Services on AWS Additional Security Services on AWS Bertram Dorn Specialized Solutions Architect Security / Compliance / DataProtection AWS EMEA The Landscape The Paths Application Data Path Path Cloud Managed by Customer

More information

Why IPS Devices and Firewalls Fail to Stop DDoS Threats

Why IPS Devices and Firewalls Fail to Stop DDoS Threats Arbor White Paper Why IPS Devices and Firewalls Fail to Stop DDoS Threats How to Protect Your Data Center s Availability About Arbor Networks Arbor Networks, Inc. is a leading provider of network security

More information

The Top 6 WAF Essentials to Achieve Application Security Efficacy

The Top 6 WAF Essentials to Achieve Application Security Efficacy The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and

More information

Cisco Firepower with Radware DDoS Mitigation

Cisco Firepower with Radware DDoS Mitigation Cisco Firepower with Radware DDoS Mitigation Business Decision Maker Presentation Eric Grubel VP Business development, Radware February 2017 DDoS in the news French hosting firm flooded with 1 Tbps traffic

More information

Blended Security Threats and Mitigations

Blended Security Threats and Mitigations Blended Security Threats and Mitigations Introductions Ben Harder f5 Networks David Remington f5 Networks A Special Thank You to Ron Shuck and the Wichita ISSA Chapter. Some definitions: Blended Attack:

More information

Are You Fully Prepared to Withstand DNS Attacks?

Are You Fully Prepared to Withstand DNS Attacks? WHITE PAPER Are You Fully Prepared to Withstand DNS Attacks? Fortifying Mission-Critical DNS Infrastructure Are You Fully Prepared to Withstand DNS Attacks? Fortifying Mission-Critical DNS Infrastructure

More information

SOLUTION BRIEF CA API MANAGEMENT. Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management

SOLUTION BRIEF CA API MANAGEMENT. Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management SOLUTION BRIEF CA API MANAGEMENT Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management 2 SOLUTION BRIEF ENABLE AND PROTECT YOUR WEB APPLICATIONS WITH CA API MANAGEMENT ca.com

More information

Large FSI DDoS Protection Reference Architecture

Large FSI DDoS Protection Reference Architecture Large FSI DDoS Protection Reference Architecture Customers ISPa Tier 1: Protecting L3-4 and DNS Network Firewall Services + Simple Load Balancing to Tier 2 Tier 2: Protecting L7 Web Application Firewall

More information

Excerpts of Web Application Security focusing on Data Validation. adapted for F.I.S.T. 2004, Frankfurt

Excerpts of Web Application Security focusing on Data Validation. adapted for F.I.S.T. 2004, Frankfurt Excerpts of Web Application Security focusing on Data Validation adapted for F.I.S.T. 2004, Frankfurt by fs Purpose of this course: 1. Relate to WA s and get a basic understanding of them 2. Understand

More information

SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE

SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE San Diego March 21, 2013 John Lee Field Systems Engineer Conjecture of relative breach impact is based on publicly

More information

Enterprise Overview. Benefits and features of Cloudflare s Enterprise plan FLARE

Enterprise Overview. Benefits and features of Cloudflare s Enterprise plan FLARE Enterprise Overview Benefits and features of s Enterprise plan 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com This paper summarizes the benefits and features of s Enterprise plan. State of

More information

DDOS RESILIENCY SCORE (DRS) "An open standard for quantifying an Organization's resiliency to withstand DDoS attacks" Version July

DDOS RESILIENCY SCORE (DRS) An open standard for quantifying an Organization's resiliency to withstand DDoS attacks Version July DDOS RESILIENCY SCORE (DRS) "An open standard for quantifying an Organization's resiliency to withstand DDoS attacks" Version 1.01.01 17 July 2017... Text is available under the GNU Free Documentation

More information

Computer Security: Principles and Practice

Computer Security: Principles and Practice Computer Security: Principles and Practice Chapter 8 Denial of Service First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Denial of Service denial of service (DoS) an action

More information

CSE 565 Computer Security Fall 2018

CSE 565 Computer Security Fall 2018 CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN

More information

Web Security. Outline

Web Security. Outline Security CS 161/194-1 Anthony D. Joseph November 21, 2005 s Outline Static and Dynamic Content Firewall review Adding a DMZ Secure Topologies 2 1 Polls How many people have set up a personal web server?

More information