Prolexic slideshow: The Rising Danger of SYN Reflection DDoS Attacks

100 %
0 %
Information about Prolexic slideshow: The Rising Danger of SYN Reflection DDoS Attacks

Published on January 19, 2014

Author: prolexic7885


Denial of Service: SYN Reflection Attacks: Denial of Service: SYN Reflection Attacks How to protect your network SYN reflection attacks go mainstream: SYN reflection attacks go mainstream Distributed reflection and amplification denial of service attack, or DrDoS Malicious use of the TCP/IP Internet communication handshake One of the more sophisticated DDoS attack methods Growing in popularity due to DDoS-as-a-Service apps Now even a novice can launch a SYN attack 2 CONFIDENTIAL DDoS-as-a-Service: Even a novice can do it: DDoS-as-a-Service: Even a novice can do it Malicious actors wrap web-based user interfaces around sophisticated scripts Convenient DDoS-as-a-Service apps Attackers can launch the DDoS app from a smartphone or computer 3 CONFIDENTIAL SYN reflection attack: Misuse of the TCP handshake: SYN reflection attack: Misuse of the TCP handshake The attacker’s target must support the Transmission Control Protocol (TCP), a common Internet protocol TCP lets computers transmit data over the Internet, such as web pages and email Before data is transmitted between machines, the computers must first establish a connection by a multi-step SYN-ACK handshake If a handshake cannot be completed, the computers repeat the attempt 4 CONFIDENTIAL What is a SYN flood?: What is a SYN flood? SYN connection requests are repeated in rapid succession, until the target is overwhelmed 5 CONFIDENTIAL Spoofing misdirects the handshakes: Spoofing misdirects the handshakes At least three systems are involved: The attacker’s An intermediary victim – one or many The target Spoofing allows the attacker to pretend the target server is the source of the handshake requests The attacker gets the victim to try to connect to the target Excessive connection requests overwhelm the victim and the target 6 CONFIDENTIAL What is a SYN reflection attack?: What is a SYN reflection attack? A malicious actor bounces SYN requests off an intermediary victim machine 7 CONFIDENTIAL SYN attack mitigation: Minimize backscatter from mitigation devices: SYN attack mitigation: Minimize backscatter from mitigation devices Automated mitigation devices challenge SYN attacks to ensure they are legitimate But unmanned DDoS mitigation devices can create backscatter, compounding the effects of an attack The mitigation equipment will keep challenging the request from the spoofed IP address The result is backscatter toward the target server Packet analysis can minimize backscatter 8 Learn more in the white paper : Learn more in the white paper Download the DrDoS white paper: Analysis of SYN Reflection Attacks In this white paper, you’ll learn: Why SYN reflection attacks create so much damage How attackers misuse the TCP handshake The problem of backscatter SYN reflection attack scenario Three common SYN reflection techniques SYN mitigation techniques Attack signature to identify and stop spoofed SYN reflection attacks 9 About Prolexic: About Prolexic Prolexic Technologies is the world’s largest and most trusted provider of DDoS protection and mitigation services. Prolexic has successfully stopped DDoS attacks for more than a decade. We can stop even the largest attacks that exceed the capabilities of other DDoS mitigation service providers. 10

Add a comment

Related presentations

Related pages

Attack Trends and Statistics | DDoS Trends | Reports ...

DrDoS SYN Reflection Attacks; ... Attack Trends and Statistics. ... Latest Reflection DDoS Attack Vectors; XOR DDoS; Archives;
Read more

Security Reports | Global DDoS Attack Reports | DDoS Reports

DrDoS SYN Reflection Attacks; ... SECURITY REPORTS. Reports on DDoS attack trends including origins, ... The Rising Risk of Electronic Medical Records;
Read more

Evolving DDoS Tactics Hijack Internet and Cause Attack ...

Purveyors of distributed denial of service (DDoS) attacks are chewing ... Prolexic Q1 2014 Global DDoS Attack ... Rising Threat of DDoS Attacks.
Read more

Network Security: Denial of Service (DoS)

Denial of service (DoS) ... Traffic reflection Reflection attack: ... E.g. ping or TCP SYN with spoofed source address
Read more

WHITE PAPER Protecting DNS Infrastructure Inside and Out

... Prolexic Quarterly Global DDoS Attack Report says that the total number of distributed-denial-of-service (DDoS) attacks ... reflection DoS (DrDoS ...
Read more

Network security

Network Security: Denial of Service ... Denial of service ... “DDoS attacks: 150Gb per second and rising” ...
Read more