MODERN APPROACHES OF SECURING COMPUTER NETWORKS FROM DENIAL OF SERVICE ATTACKS
DOI: https://doi.org/10.47839/ijc.4.2.341
Keywords: Denial of service attack, distributed attack, flooding attack, network security, firewall, intrusion detection system, traffic shaping, application level defense, TCP Interception, IP hopping, scanner
Abstract:
The aim of this paper is to understand reasons why denial of service (DoS) attacks are happening; to find ways how to avoid these attacks or lessen their influence; to work out strategy of detecting and preventing these attacks.
License
International Journal of Computing is an open access journal. Authors who publish with this journal agree to the following terms:
• Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
• Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
• Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.