Computer and Network Security

Amplification / Reflection DDoS Attacks

Several protocols, such as DNS, SNMP, and NNTP, have become the vehicle of choice for hackers intent on bringing down networks and otherwise causing havoc and damage. Most of these are UDP-based protocols, which let the attacker spoof a source IP address in a small request that results in much larger responses being sent to the attacked site or network. Recent (as of late 2013) versions of BIND (for DNS) offer mechanisms for rate limiting, which are not covered here. Early 2014 has seen massive NNTP-based attacks (links below for NNTP); however, SNMP is also vulnerable, with a potentially larger impact due to the much larger response payloads possible.

Linux Related

Virtual Private Networks

  • Hamachi - Interesting secure VPN approach using P2P technologies.

National Institute of Standards and Technology (NIST) Publications (USA)