Internal Code: MAS3178
Network Security Assignment:
Part A:
Distributed denial of service (DDoS) attacks present a significant security threat to corporations. In one study, covering a three-week period, investigators observed more than 12,000 attacks against more than 5000 distinct targets, ranging from well-known e-commerce companies such as Amazon and Hotmail to small foreign ISPs and dial-up connections. DDoS attacks make computer systems inaccessible by flooding servers, networks or even end-user systems with useless traffic so that legitimate users can no longer gain access to those resources. In a typical DDoS attack, a large number of compromised hosts are amassed to send useless packets. In recent years, the attack methods and tools have become more sophisticated, more effective, and more difficult to trace to the real attackers, while defence technologies have been unable to withstand large-scale attacks.
A denial of service (DoS) attack is an attempt to prevent legitimate users of a service from using that service. When this attack comes from a single host or network node, it is simply referred to as a DoS attack. A more serious threat is posed by a DDoS attack. In a DDoS attack, an attacker is able to recruit a number of hosts throughout the Internet to launch an attack upon the target, either simultaneously or in a coordinated fashion.
Question:
1) Using the given DDoS attack diagram in Figure 1, identify a type of DDoS attack and justify in detail how this attack will affect the Victim’s workstation.
2) Discuss at least two ways in which this attack can be avoided or mitigated.
Part B:
It is important for networking professionals to stay abreast of new security threats and learn how to address them. In this task, you will look at some web resources that can help you find out about vulnerabilities on your network. For this task, you will need a workstation with internet connectivity and a web browser.
Question:
1) View the entire list of published security advisories. Scroll through and find any two vulnerabilities related to a Microsoft product that is familiar to you, such as Windows, a web browser or Microsoft Office. Click the advisory's title and number in the left column to view the entire announcement.
2) Read the description of the problem and how it has been addressed. How was the problem discovered and reported? How could someone exploit this vulnerability? Does the potential vulnerability belong to any of the categories you have learned about, such as DDoS, brute force or phishing? What potential damage could this vulnerability cause if exploited?