Mitigating DoS and DDoS

Denial of Service (DoS) and Distributed Denial of Service (DDoS) are among the most common threats to IT security. As it does not require advanced resources such attacks can be carried out by private individuals as well as organized groups so-called “hacktivists”. This book gives an overview and detailed description of the different kinds of attacks commonly used by hackers and it shows the challenges for IT security experts. In a practical application exercise a DoS attack simulation is created by running the tool Low Orbit Ion Canon (LOIC) on the attacker side and a victim running an Apache 2 server. A Wireshark network utility tool is used to capture and analyze the difference between the traffic sent from the LOIC client and the normal user. In addition to simulate a DDoS attack a MeTuS Delphi 2.8 tool is used to create the botnet. The configurations required to run the MeTuS Delphi tool such as PortForwarding and setting up a Dynamic DNS Update Client are shown in detail. A SSYN attack is also carried out by using the tool itself. Finally the different mitigation techniques such as Iptables ModSecurity and Mod Evasive are discussed and shown in practice.