|
Denial of Service |
|
Listing: |
- CERT
Advisory CA-2000-01
Denial of Service developments including description,
impact, and solutions.
- Cisco
Strategies to protect against distributed
denial of service (DDoS) attacks. This article
applies primarily to sites using Cisco equipment.
- DDOS
Class Action Lawsuit
Organization and discussion of class-action
lawsuits by victims of DDOS attacks.
- DDoS
World
Knowledge base: including news articles, white
papers, and advisories.
- Deconstructing
Denial of Service Attacks
How to assess risk and avoid unwitting
participation in this relatively new tactic.
- Denial
of Service Database
Details of many attacks: categorized by platform
affected and using OSAT notation. No longer
updated.
- Denial
of Service (DoS) Resource Page
Collection of articles and links about Denial
of Service attacks
- Denial
of Service Help Page
Advice for victims of Denial Of Service Attacks,
geared towards users of IRC (Internet Relay
Chat)
- Distributed
Denial of Service (DDoS) Attacks and Tools
A bibliography of recent papers and advisories
on DDoS attacks and tools, by David Dittrich
of the University of Washington (USA).
- DoShelp.com
Tools and patches to protect a person's computer
from hackers, Denial of Service, and other
intrusions.
- GRC.com:
Denial of Service Investigation and Exploration
Pages
Analysis and investigation of the DoS threat
posed by Windows XP, and reports and logs
from when GRC.com was the victim of a DDoS
attack.
- Hacking
the DoS
An interview on hacking and denial of service
attacks with Brian Martin and David Dittrich.
Available in text and various forms of audio.
- Internet
Storm Center - Slammer Worm Analysis
Detailed analysis of the Slammer worm responsible
for recent widespread denial of service activities
- Microsoft
Windows Update
Latest bugfixes for Microsoft Windows, including
fixes for some possible DoS attacks.
- National
Infrastructure Protection Center (NIPC)
The National Infrastructure Protection Center
(NIPC) serves as a national critical infrastructure
threat assessment, warning, vulnerability,
and law enforcement investigation and response
entity.
- Netscan.org
Public service which proactively scans for
networks acting as smurf amplifiers.
- Network
Ingress Filtering
A simple, effective, and straightforward method
for network administrators to prohibit DoS
attacks which use forged IP addresses.
- 10
Proposed 'First-Aid' Security Measures Against
Distributed Denial Of Service Attacks
Whitepaper detailing "easy and fast to implement
methods to protect against those attacks."
[PDF format]
- Red
Hat Linux General Security Advisory
Updated bind packages fixing DoS attack.
- Sans
Institute Global Incident Analysis Center
Special notice and analysis of Rootkit/Smurf
Payload Toolkit v 1.1.
- SecurityFocus
Site maintains an extensive database of vunerabilities
and solutions including Denial Of Service
attacks.
- Smurf
Amplifier Registry
The SAR lets you probe Internet connected
IP networks to see whether or not they are
configured in a way that will allow perpetrators
to use them for smurf amplification.
- Smurf
Attack Information
White paper describing and giving information
on how to minimize the effects of smurf attacks.
- Stacheldraht
Analysis
An analysis of "stacheldraht", a distributed
denial of service attack tool, based on source
code from the "Tribe Flood Network" distributed
denial of service attack tool.
- Trinoo
Analysis
An analysis of the DoS Project's trin00 master/slave
programs, which implement a distributed network
denial of service tool.
- Whatis
Definition of Denial of Service
Definition plus discussion of various types
of DoS attacks and how they work, including
Buffer Overflow, SYN, Teardrop and Smurf.
- Zombie
Zapper
Free, open source tool that can tell a zombie
system to stop flooding. Zombie Zapper works
against Trinoo, TFN, Stacheldraht, Troj_Trinoo
(the trinoo daemon ported to Windows), and
Shaft.
- GCN.com:
How to Stop a Service Denial Attack Before
It Stops You
Shawn P. McCarthy provides a quick overview
of various kinds of DDOS attacks. He also
explains why defending against this type of
attack requires upstream infrastructure providers
to cooperate with the victim. (July
2, 2001)
- UDP
DoS attacks
A malicious Java-based applet can keep Windows
users from accessing Domain Name Servers on
the Web. (February 23, 2001)
- DDoS
Is Neither Dead Nor Forgotten
How DDoS attacks have developed over the past
year, and what has been learned; preparation
is essential to prevention. [NetworkMagazine.com]
(February 5, 2001)
- Tools
Stunt DoS Attack
InternetWeek article written in the aftermath
of the Denial of Service attack on Microsoft's
domain name servers discusses various ways
to combat these tactics. (February
5, 2001)
- CERT
Incident Note: DoS Attacks Using Nameservers
Description of how intruders are using nameservers
to execute packet flooding denial of service
attacks. (January 15, 2001)
- Defying
Denial of Service Attacks
Discussion of the main DoS methods and how
to protect your PCs and servers from them.
[NetworkMagazine.com] (December 5,
2000)
- Distributed Denial
of Service Attacks
A DDOS exploit multiplies the disruptive power
of denial of service attacks. The article
discusses methods used and how to detect them.
[NetworkMagazine.com] (March 1, 2000)
- ACM:
Ubiquity - Distributed Denial-of-Service Attacks
Article by M. E. Kabay about the effect of
DDoS attacks on major e-commerce sites, and
the legal ramifications thereof. (February
20, 2000)
|
|
|