Radware's DDoS Handbook - The Ultimate Guide to Everything You Need to Know about DDoS Attacks by Radware.pdf

(1004 KB) Pobierz

@cybersecurity1O1

DDoS

HANDBOOK

THE ULTIMATE GUIDE

TO EVERYTHING YOU

NEED TO KNOW ABOUT

DDoS ATTACKS

SHARE THE DDoS HANDBOOK

service names are registered trademarks of Radware in the U.S. and other countries. All other

trademarks and names are the property of their respective owners.

@cybersecurity1O1

Table of Contents

Introduction ...........................................................................................................4

A Quick Look Back .................................................................................................5

DDoS Handbook

Recent History: Notable Cyber-Attacks of 2014 ......................................................8

Attack Types ........................................................................................................10

Attack Tools .........................................................................................................19

Enterprise Security: Then and Now.......................................................................24

What Lies Ahead: Predictions for 2015 and Beyond ..............................................29

DDoS Mitigation Considerations ...........................................................................31

Checklist: How to Evaluate a Vendor for DDoS & Cyber-Attack Mitigation .............35

DDoS Dictionary ..................................................................................................37

@cybersecurity1O1

DDoS Handbook

Introduction

Since the first denial of service (DoS) was launched in 1974,

distributed denial of service (DDoS) and other DoS attacks have

remained among the most persistent and damaging cyber-attacks.

These attacks reflect hackers’ frustratingly high levels of tenacity

and creativity—and create complex and dynamic challenges for

anyone responsible for cyber security.

While cyber-threats are by nature a moving target, this primer offers

an overview to help detect and mitigate attacks. Radware’s DDoS

Handbook delivers:

• Brief history of DDoS attacks plus a roundup of recent

cyber-attacks

• Overview of major attack types and tools

• Brief discussion of the ongoing evolution of enterprise security

• Actionable tools and tips for attack detection and mitigation

• Detailed vendor evaluation checklist for DDoS and cyber-attack

detection and mitigation

• DDoS dictionary to help communicate about and address threats

Throughout the handbook, you’ll also encounter some key findings

and analysis from

Radware’s 2014-2015 Global Application &

Network Security Report—one

of the industry’s leading pieces of

research into DDoS and other cyber-attacks.

@cybersecurity1O1

A Quick Look Back

In 2014, the DoS attack celebrated its 40th birthday. Born as

the handiwork of a teenaged “computer geek,” these attacks

have since exploded in quantity—and sophistication.

The Early Days

The first-ever DoS attack occurred in 1974 courtesy of David

Dennis—a 13-year-old student at University High School, located

across the street from the Computer-Based Education Research

Laboratory (CERL) at the University of Illinois at Urbana-Champaign.

David learned about a command that could be run on CERL’s

PLATO terminals. PLATO was one of the first computerized shared

learning systems, and a forerunner of many future multi-user

computing systems. Called “external” or “ext,” the command was

meant to allow for interaction with external devices connected to

the terminals. However, when run on a terminal with no external

devices attached the command would cause the terminal to lock

up—requiring a shutdown and power-on to regain functionality.

Curious to see what it would be like for a room full of users to be

locked out at once, David wrote a program that would send the

“ext” command to many PLATO terminals at the same time. He

went over to CERL and tested his program—which succeeded

in forcing all 31 users to power off at once. Eventually the

acceptance of a remote “ext” command was switched off by

default, fixing the problem.

During the mid- to late 1990s, when Internet Relay Chat (IRC) first

became popular, some users fought for control of non-registered

chat channels, where an administrative user would lose his or

her powers if he or she logged off. This behavior led hackers to

attempt to force all users in a channel to log out, so hackers could

enter the channel alone and gain administrator privileges as the

only user present. These “king of the hill” battles—in which users

would attempt to take control of an IRC channel and hold it in the

face of attacks from other hackers—were fought using very simple

bandwidth-based DoS attacks and IRC chat floods.

@cybersecurity1O1

DDoS Handbook

Plik z chomika:

kufel_007

Inne pliki z tego folderu:

The IoT Hacker’s A Practical Guide to Hacking the Internet of Things.pdf (18975 KB)
security-cissp-all-in-one-exam-guide-6th-edition.pdf (60183 KB)
ethical-hacking-a-hands-on-introduction-to-breaking-in.pdf (8872 KB)
Mastering Reverse Engineering Re-engineer your ethical hacking skills by Reginald Wong.pdf (14578 KB)
Black-Hat-Go_Go-Programming-For-Hackers-and-Pentesters.pdf (23456 KB)

Radware's DDoS Handbook - The Ultimate Guide to Everything You Need to Know about DDoS Attacks by Radware.pdf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: