Framework - Eastern Illinois University Eastern Illinois.ppt

  • About 7,340 words
  • About 29 pages
  • Published 2018-06-24 in Sichuan


Targeted Break-in, DoS, Malware attacks (II)
(February 18 2013)
© Abdou Illia – Spring 2013

Learning Objectives
  • Discuss DoS attacks
  • Discuss Malware attacks

Denial of Service Attacks

TCP opening and DoS
For each TCP connection request (SYN), the server has to:
  • Respond to the request (SYN/ACK)
  • Set resources aside in order to respond to each data request
[Figure: Computers 1, 2 and 3 each complete the SYN, SYN/ACK, ACK exchange with the Server, which then waits for a request from Computer 1, Computer 2 and Computer 3.]

Web Server configuration

Denial of Service (DoS)
  • What resources would the web server use to respond to each of the HTTP requests it receives?
  • What could be the consequences of the web server being invaded by too many requests from the attacker?
[Figure: Attacker’s Home Network]

Denial of Service (DoS) Attack
Attack that makes a computer’s resources unavailable to legitimate users.
Types of DoS attacks:
  • Single-message DoS
  • Flooding DoS
  • Distributed DoS

Single-message DoS attacks
  • First kind of DoS attacks to appear
  • Exploit weaknesses in the coding of operating systems and network applications
  • Three main single-message DoS attacks:
      • Ping-of-Death
      • Teardrop
      • LAND attack

Ping of Death attacks
Take advantage of:
  • The fact that TCP/IP allows large packets to be fragmented
  • Some network applications’ and operating systems’ inability to handle packets larger than 65536 bytes
Attacker sends IP packets that are larger than 65,536 bytes through IP fragmentation.
Ping of death attacks are rare today, as most operating systems have been fixed to prevent this type of attack from occurring.
Example of PoD code and vulnerable Operating Systems: /sploits/ping-o-death.html
Fix:
  • Add checks in the reassembly process or in the firewall to protect hosts where the bug is not fixed
  • Check: Sum of Total Length fields for fragmented IP is 65536 bytes
[Figure: IP header fields: Total Length (16 bits), Flags, Fragment Offset (13 bits)]
Fragment offset: identifies which fragment this packet is attached to.
Flags: indicates whet
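The reassembly-side check named under "Fix" for Ping of Death, as an added example in C (not code from the original slides): each fragment is rejected before queuing if its Fragment Offset plus its data would push the reassembled datagram past the size limit. The names `check_fragment`, `make_fragment` and the verdict enum are hypothetical, and the limit used is 65,535 bytes, the largest value the 16-bit Total Length field can hold.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define IP_MAX_DATAGRAM 65535u   /* largest value a 16-bit Total Length can hold */

enum frag_verdict { FRAG_OK = 0, FRAG_MALFORMED = 1, FRAG_OVERSIZE = 2 };

/* Validate one IPv4 fragment before it is queued for reassembly.
 * pkt points at the IPv4 header, len is the number of bytes captured. */
enum frag_verdict check_fragment(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return FRAG_MALFORMED;
    uint32_t ihl        = (uint32_t)(pkt[0] & 0x0F) * 4;      /* header bytes  */
    uint32_t total_len  = ((uint32_t)pkt[2] << 8) | pkt[3];   /* header + data */
    uint32_t frag_field = ((uint32_t)pkt[6] << 8) | pkt[7];
    uint32_t offset     = (frag_field & 0x1FFF) * 8;  /* 13 bits, 8-byte units */
    int more_fragments  = (frag_field & 0x2000) != 0; /* MF flag */

    if (ihl < 20 || total_len < ihl || total_len > len)
        return FRAG_MALFORMED;
    uint32_t payload = total_len - ihl;
    /* Every fragment except the last must carry a multiple of 8 data bytes. */
    if (more_fragments && (payload % 8) != 0)
        return FRAG_MALFORMED;
    /* Ping-of-Death check: header plus the byte where this fragment ends
     * in the reassembled datagram must fit in 16 bits. */
    if (ihl + offset + payload > IP_MAX_DATAGRAM)
        return FRAG_OVERSIZE;
    return FRAG_OK;
}

/* Constructed sample input: writes a minimal 20-byte IPv4 header into buf. */
void make_fragment(uint8_t *buf, uint16_t total_len, uint16_t offset_units, int mf)
{
    for (int i = 0; i < 20; i++) buf[i] = 0;
    buf[0] = 0x45;                                   /* version 4, IHL 5 */
    buf[2] = (uint8_t)(total_len >> 8);
    buf[3] = (uint8_t)(total_len & 0xFF);
    uint16_t f = (uint16_t)((offset_units & 0x1FFF) | (mf ? 0x2000 : 0));
    buf[6] = (uint8_t)(f >> 8);
    buf[7] = (uint8_t)(f & 0xFF);
    buf[9] = 1;                                      /* protocol: ICMP */
}

int main(void)
{
    static uint8_t buf[2048];
    make_fragment(buf, 43, 8189, 0);   /* last fragment ending past the limit */
    printf("verdict=%d\n", (int)check_fragment(buf, 43));
    return 0;
}
```

A firewall that does not reassemble can apply the same per-fragment test, since the violation is visible in the single fragment that crosses the limit.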
