Chapter 11 – |
Denial-of-Service Attacks |
Diane E. (Dione) Levine
Gary C. Kessler
Chapter Contents:
|
11.1 |
|
Introduction
|
|
11.2 |
|
Denial-of-Service Attacks
|
|
11.2.1 |
|
History of Denial-of-Service Attacks
|
|
11.2.2 |
|
Costs of Denial-of-Service Attacks
|
|
11.2.3 |
|
Types of Denial-of-Service Attacks
|
|
11.2.4 |
|
Specific Denial-of-Service Attacks
|
|
11.2.4.1 |
|
Destructive Devices
|
|
11.2.4.2 |
|
E-mail (and E-mail Subscription) Bombing
|
|
11.2.4.3 |
|
Buffer Overflow
|
|
11.2.4.4 |
|
[Bandwidth] Consumption
|
|
11.2.4.5 |
|
Routing and Domain Name System Attacks
|
|
11.2.4.6 |
|
SYN Flooding
|
|
11.2.4.7 |
|
Resource Starvation
|
|
11.2.4.8 |
|
Java
|
|
11.2.4.9 |
|
Router Attacks
|
|
11.2.4.10 |
|
Other Denial-of-Service Attacks
|
|
11.2.5 |
|
Preventing and Responding to Denial-of-Service Attacks
|
|
11.3 |
|
Distributed Denial-of-Service Attacks
|
|
11.3.1 |
|
Short History of Distributed Denial of Service
|
|
11.3.2 |
|
Distributed Denial-of-Service Terminology and Overview
|
|
11.3.3 |
|
Distributed Denial-of-Service Tool Descriptions
|
|
11.3.3.1 |
|
Trinoo (Trin00)
|
|
11.3.3.2 |
|
Tribe Flood Network
|
|
11.3.3.3 |
|
Stacheldrah
|
|
11.3.3.4 |
|
TFN2K
|
|
11.3.3.5 |
|
Other Types of Distributed Denials of Service
|
|
11.3.3.6 |
|
Denial of Service Using Exploitable Software
|
|
11.3.4 |
|
Defenses against Distributed Denials of Service
|
|
11.3.4.1 |
|
User and System Administrator Actions
|
|
11.3.4.2 |
|
Local Network Actions5
|
|
11.3.4.3 |
|
Internet Service Provider Actions
|
|
11.3.4.4 |
|
Code Red/NIMDA Defensive Actions
|
|
11.3.4.5 |
|
Other Tools under Development or Consideration
|
|
11.4 |
|
Management Issues
|
|
11.5 |
|
Note
|
|
11.6 |
|
Suggested Resources
|
|
|
|