assuring reliable and secure it service
DESCRIPTION
ASSURING RELIABLE AND SECURE IT SERVICE. PPM BUSINESS SCHOOL. MM-46. JANUARY 16, 2010. LECTURER: HENRY CHRISTIANTO, ST., MTI. INTRODUCTION. HACKER IS EVERYWHERE…. IS THAT INTERNET SAVE ?. Big Iron. S. D. Source :. Austin, Robert D.;. Leibrock. , Larry; Murray, Alan,. “. The. - PowerPoint PPT PresentationTRANSCRIPT
JANUARY 16, 2010
LECTURER: HENRY CHRISTIANTO, ST., MTI
HACKER IS EVERYWHERE…. IS THAT INTERNET SAVE ?
Chapter 5 Figure 5-7
iPremier Co Cage
To Public Internet
D
UPPER LOWER NORMA
InternetRouter
Router- Cust A
Router- Cust B
Router- Cust ...
VPN Cust B
VPN Cust ...
Router Firewall
Web Server Cluster
Database Server
S D
SD
SMTP/POPServer
SD
DNS Servers
Ethernet Switch
SD
Web Accelerator
Router to HO
T1
SD
NetworkManagement
Ethernet Switches
Qdata Facility
DIAGRAM SIMPLIFIED FOR ILLUSTRATION PURPOSES
VPN Cust A
VPN iPremier Company
Qdata Private Network
SD
Network Management
SD
S D
Big Iron
Source : Austin, Robert D.; Leibrock, Larry; Murray, Alan, “The iPremierCompany: Denial of Service Attack (A), ”Harvard Business School Case No. 601-114.
4.31 am 4.39 am 5.27 am 5.46 am
• WEB SITE LOCKED• FLOODING E-MAIL
• TRIAL 1 : RESTART WEB SERVER
• RESULT : FAILED• RECOMENDATION : PULL THE PLUG
• ANALYZE: SYN FLOOD DoS ATTACK• TRIAL 2 : SHUTTING DOWN TRAFFIC• RESULT : FAILED
SERVER IS RUNNING, ATTACK
STOPPED
Chapter 6 Figure 6-6
Normal and DoS Handshakes
WebUser’s PC
WebsiteServer
WebsiteServer
WebUser’s PC
SYN: User’s PC says “hello”
ACK-SYN: Server says “Do you want to talk”
ACK: User’s PC says “Yes, let’s talk”
Normal Handshake
DoS Handshake
SYN: User’s PC says “hello” repeatedly
ACK-SYN: Server says “Do you want to talk” repeatedly
No Response: User’s PC waits for server to “timeout”
Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.
Chapter 6 Figure 6-7
A Distributed Denial of Service Attack
Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.
W ebsiteServer
Attacker 1
Attacker 3
Attacker 2
Attacker 5
Attacker 4
Attacker 6
Attacker 7
Attacker 8
Attack Leader
Attack Leader facilitates SYN floods from multiple sources.