Please enable JavaScript.
Coggle requires JavaScript to display documents.
DENIAL–OF–SERVICE ATTACKS - Coggle Diagram
DENIAL–OF–SERVICE ATTACKS
Threat
Denial of Service
These attacks come from both nonmalicious and malicious sources
2 kinds
One attacker against one victim
Many against one
Flooding
Saturate or exhaust the capacity
of a critical telecommunications link
Blocked Access
Access Failure
Hardware and software fail from time to time
The failure can be sporadic or permanent
Vulnerability
Insufficient Resources
NETWORK FLOODING ATTACK
INTERNET CONTROL MESSAGE PROTOCOLS (ICMP)
Ping
Destination Unreachable
Echo
Source Quench
PING ATTACK
SMURF
ECHO–CHARGEN
SYN FLOOD
IP FRAGMENTATION: TEARDROP
Addressee Cannot Be Found
Traffic Redirection
Exploitation of KnownVulnerability
Denial-of-service attacks are often second-level
attacks
Hacker tools often begin with a known vulnerability
Physical Disconnection
Countermeasure
Network Monitoring and Administration
Capacity Planning
Load Balancing
NetworkTuning
Shunning
Blacklisting
Blacklisting
Intrusion Detection and Prevention Systems
Intrusion Detection System (IDS)
Signature-based IDS
Heuristic IDS (anomaly based)
Network-based IDS
Network-based IDS
Intrusion Prevention System (IPS)
Honeypot
Management
Backup
Physical Security
Redundancy and Server Farms
Planning
Risk analysis
Disaster recovery planning
Incident response plan
Distributed Denial of Service
Bots
Botnets