How to Protect Your Network from Protocol-Based DDoS Attacks

50 %
50 %
Information about How to Protect Your Network from Protocol-Based DDoS Attacks
Others-Misc

Published on January 19, 2014

Author: prolexic7885

Source: authorstream.com

Printers, Routers Used in Cyber Attacks: Printers, Routers Used in Cyber Attacks How to protect your network The DrDoS attack: A popular cyber attack: The DrDoS attack: A popular cyber attack Distributed reflection and amplification denial of service attack, or DrDoS Malicious use of Internet protocols Difficult to trace back to the origin, because spoofing can mask the origin of the attack Sysadmins can take specific actions to reduce the vulnerability of their network devices and servers 2 CONFIDENTIAL Even printers may be hijacked by criminals using DrDoS attacks: Even printers may be hijacked by criminals using DrDoS attacks Support for common network protocols allows devices on your network to be employed in denial of service attacks Vulnerable devices include: Printers Cameras Routers Hubs Sensors O ther network devices 3 Secure your IT devices and infrastructure: Secure your IT devices and infrastructure Three vulnerable network protocols used in devices: Simple Network Management Protocol (SNMP) Network Time Protocol (NTP) Character Generation Protocol (CHARGEN) Like many other network protocols, these protocols were written with functionality, not security, in mind Can be used to misdirect and amplify responses to the attacker’s target 4 CONFIDENTIAL Simple Network Management Protocol (SNMP): Simple Network Management Protocol (SNMP) For communicating with IP-based devices, such as routers, switches, servers, printers, modems, IP video cameras, IP phones, network bridges, hubs, alarms and thermometers Transmits data about device components, measurements, sensor readings and variables Allows users to monitor these devices Use of human-readable cleartext makes SNMPv1 and v2 vulnerable to interception and modification The origin of the transmission cannot be verified The white paper explains how to mitigate vulnerability to SNMP DrDoS attacks 5 www.prolexic.com Network Time Protocol (NTP): Network Time Protocol (NTP) For synchronizing time and date information on computer clocks on the Internet I mplemented on all major operating systems, network infrastructure devices and embedded devices Susceptible to spoofing, like the User Datagram Protocol (UDP) upon which is it built Attacker may cause multiple requests for time updates to be sent to multiple NTP hosts, directing their responses to the attacker’s target Team-Cymru authored a secure NTP server template that can be used as a baseline for DDoS protection against NTP reflection attacks The white paper provides a link to the Team-Cymru NTP server template 6 www.prolexic.com Character Generation Protocol (CHARGEN): Character Generation Protocol (CHARGEN) Can be used for debugging network connections, network payload generating and bandwidth testing Two types of CHARGEN services: TCP and UDP UDP version is vulnerable to spoofing Misuse of the testing features may allow attackers to craft malicious network payloads and direct the responses to the attacker’s target The U.S. cyber security organization CERT recommends reconsidering whether these protocols are needed in your organization The white paper provides a link to details about the CERT recommendation 7 Why protocol-based DrDoS attacks happen: Why protocol-based DrDoS attacks happen DrDoS protocol reflection attacks are possible due to the inherent design of the original architecture and structure of these protocols Closing the security gaps permanently would require creating new protocols, which is unlikely to happen in the short term By disabling or restricting unneeded functionality, sysadmins can eliminate these vulnerabilities Prolexic customers are protected from these attacks as part of our DDoS protection and mitigation services 8 www.prolexic.com Learn more in the white paper : Learn more in the white paper Download the DrDoS white paper: SNMP, NTP and CHARGEN attacks In this white paper, you’ll learn: Three common network protocols used in reflection attacks How SNMP, NTP and CHARGEN can be used malicious actors How your printers and network devices may be employed by cyber attackers Specific action to minimize your network’s exposure and mitigate protocol attacks What the internet community could do to reduce the risk 9 About Prolexic: About Prolexic Prolexic Technologies is the world’s largest and most trusted provider of DDoS protection and mitigation services. Prolexic has successfully stopped DDoS attacks for more than a decade. We can stop even the largest attacks that exceed the capabilities of other DDoS mitigation service providers. 10

Add a comment

Related presentations

Related pages

How to Protect Your Network From Protocol-Based DDoS Attacks

Printers, Routers Used in Cyber AttacksHow to protect your network www.prolexic.com The DrDoS attack: A popular cyber attack ...
Read more

How to Protect Your Network from Protocol-Based DDoS ...

... How to Protect Your Network from Protocol-Based DDoS ... how_to_protect_your_network_from_pr ... Some DDoS and DrDoS attacks target IP ...
Read more

How to Protect Your Network from Protocol-Based DDoS ...

Title: How to Protect Your Network from Protocol-Based DDoS Attacks, ... Prolexic, Name: how_to_protect_your_network_from_pr, Length: 10 pages, Page: ...
Read more

DDoS Protection: Stop DDoS Attacks & Protect Web Assets

... multi-faceted DDoS defense system that keeps your network ... Incapsula DDoS protection services ... from volumetric and protocol-based DDoS attacks.
Read more

How to Protect Your Network from Protocol-Based DDoS ...

1. Printers, Routers Used in Cyber Attacks How to protect your network www.prolexic.com ; 2. The ...
Read more

DDoS Network protection - Snapi Guard : Snapi Guard

Protect your infrastructure from even the largest and smartest DDoS attacks
Read more

DDoS Protection - Denial of Service Mitigation | Sucuri

Protect your website with DDoS prevention and ... Sucuri’s DDoS Protection & Mitigation service can ... Protocol Based DoS Attacks ...
Read more

Corero_DDoS a Modern Day Opportunity.pdf

expansive network architecture that ... to DDoS attacks can be exponential and fiscally damaging 65 ... that will protect them from new DDoS threats ...
Read more