HAKIN9 STARTERKIT 2/2011 – DDOS ATTACKS

DDOS, a New „Old” Type of Attack!
by Orlando Pivi
In this article, Orlando presents the DDoS attack structure and the Botnet structure . He will explore DDoS attack, the Botnet prevention and the DoS defense systems. He discovers what the mainly motivations pushing hackers to commit criminals act with Botnets and DoS is. You will learn what the DDoS attack structure is and how to protect against DDoS and Botnets.

---

DDOS
by Gurudatt Shenoy
When the future comes to your doorstep, you are not sure whether to invite it in or keep it out. And when the future comes crashing in, you are either overwhelmed and mostly feel powerless. This is how one feels when their website or online service crashes. Not sure if this was a spike in interest or someone playing mischief or trying to run you out of business.

---

Protecting Yourself Against DDOS Attacks
by Ric Messier 
Discussions about denial of service revolve around networks. When someone mentions denial of service, it seems as though it’s common to envision a large flood of traffic of one sort or another. The problem is that there are a number of conditions that might cause a denial of service and not all of them are even malicious. Any event where an application that listens on the network becomes unavailable, you have a denial of service. You could argue that anytime an application becomes unavailable, whether it’s listening on the network or not, you have a denial of service.

---

DDOS Framework. Management of Targeted Attack – Interview with Amir Taaki and Patrick Strateman 
by Jorge Mieres
The DDoS attacks are used to break the availability of resources and services therefore have a fundamental role in the perspective of the attackers. Its intrinsic nature of the potential success that possess, allow attackers to obtain a high impact on the infrastructure victim.

---

Terminating the Internet or DDOS Attacks as a Cyber War Tool
by Cenk Ceylan
Internet defined as a „web between webs project” was initially a project of DARPA (American Defense Advanced Research Projects Agency) developed and was put in use in order to provide communication between it`s troops after a possible nuclear attack, later on started to be used at universities and subsequently by whole world, seems to be going back to it`s first purpose of use: Attack and defense.

---

Java Script Botnets – Implementation of Browser-based Malware and DDOS Attacks
by Daniel Godas-Lope 
Most of the botnets currently used by cybercriminals are implemented in traditional languages such as C++. More recent example are written in Java, achieving some degree of portability but the basically share the same limitations. All these botnet creators face the same problems, first they need to create a Command & Control center, to manage thousands of client and secure it against attack from the competition.

---

Security Vulnerabilities of IPv6 Tunnels
by Gabi Nakibly 
This article talks about novel security vulnerabilities of IPv6 tunnel – an important type of migration mechanisms from IPv4 to IPv6 implemented by all major operating systems and routers. The vulnerabilities allow an attacker to form routing loops which can easily pro duce DoS attacks. Gabi will describe the principles of the attack and then demonstrate how to actually implement it. These vulnerabilities were first presented at Usenix W00T ’09 in the paper I co-authored with Michael Arov.

---

Social Media
by Chris Poulin 
Twitter, Facebook, Gmail, LinkedIn, Skype, the list goes on and on and a majority of the one billion people that use these social net working sites consistently use them while at work. This unchecked flow of data is a new source of sensitive information and creates security loopholes for serious cyber attacks. From a technology stand point, enforcing a policy around social networking traffic is difficult but it must be done.

---

Secure Out-of-band Management of Critical Infrastructure at The Enterprise Branch Office 
By Robert Waldie 
As the enterprise pushes into the cloud, it is important to remain mindful of the distributed IT and communications assets that are fundamental to day-to-day operations. The widespread adoption of IaaS solutions to virtualize back office infrastructure has alleviated some of the management and maintenance headaches associated with physical IT infrastructure, however it is by no mean a silver bullet.