Printers, Routers Used in Cyber Attacks
How to protect your network

www.prolexic.com
The DrDoS attack: A popular cyber attack
• Distributed reflection and amplification denial of service attack, or DrDoS
• Malicious use of Internet protocols
• Difficult to trace back to the origin, because spoofing can mask the origin of the attack
• Sysadmins can take specific actions to reduce the vulnerability of their network devices and servers

CONFIDENTIAL
Even printers may be hijacked by criminals using DrDoS attacks
• Support for common network protocols allows devices on your network to be employed in denial of service attacks
• Vulnerable devices include:
– Printers
– Cameras
– Routers
– Hubs
– Sensors
– Other network devices

Secure your IT devices and infrastructure
• Three vulnerable network protocols used in devices:
– Simple Network Management Protocol (SNMP)
– Network Time Protocol (NTP)
– Character Generation Protocol (CHARGEN)
• Like many other network protocols, these protocols were written with functionality, not security, in mind
• Can be used to misdirect and amplify responses to the attacker’s target
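
An added detection example, not part of the original slides or the Prolexic white paper: it scans UDP flow records for internal devices that answer SNMP, NTP or CHARGEN requests from outside the management network and ranks them by amplification ratio. The address ranges, the flow-record layout and the sample records are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# UDP services the slides name as reflection vectors.
REFLECTION_PORTS = {19: "CHARGEN", 123: "NTP", 161: "SNMP"}

# Assumed site layout (hypothetical values for this example).
INTERNAL_NET = ipaddress.ip_network("10.20.0.0/16")
MGMT_NET = ipaddress.ip_network("10.20.99.0/24")  # hosts allowed to poll devices

# Constructed UDP flow records: (src_ip, src_port, dst_ip, dst_port, bytes).
SAMPLE_FLOWS = [
    # Printer answering SNMP for an outside address (likely a spoofed victim).
    ("203.0.113.50", 40000, "10.20.5.11", 161, 90),
    ("10.20.5.11", 161, "203.0.113.50", 40000, 1440),
    ("203.0.113.50", 40001, "10.20.5.11", 161, 90),
    ("10.20.5.11", 161, "203.0.113.50", 40001, 1440),
    # Camera with UDP CHARGEN enabled.
    ("198.51.100.9", 53211, "10.20.7.30", 19, 60),
    ("10.20.7.30", 19, "198.51.100.9", 53211, 1020),
    # Ordinary NTP client sync (port 123 on both sides, symmetric sizes).
    ("10.20.1.5", 123, "192.0.2.123", 123, 76),
    ("192.0.2.123", 123, "10.20.1.5", 123, 76),
    # Legitimate SNMP poll from the management network.
    ("10.20.99.10", 50000, "10.20.5.11", 161, 90),
    ("10.20.5.11", 161, "10.20.99.10", 50000, 1400),
]


def find_reflectors(flows, min_ratio=2.0):
    """Flag internal devices whose SNMP/NTP/CHARGEN replies to non-management
    hosts are at least min_ratio times larger than the requests received."""
    req, rsp = defaultdict(int), defaultdict(int)  # keyed (device, port, remote)
    for src, sport, dst, dport, nbytes in flows:
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if dport in REFLECTION_PORTS and d in INTERNAL_NET and s not in MGMT_NET:
            req[(dst, dport, src)] += nbytes
        elif sport in REFLECTION_PORTS and s in INTERNAL_NET and d not in MGMT_NET:
            rsp[(src, sport, dst)] += nbytes
    findings = []
    for (device, port, remote), out_bytes in rsp.items():
        in_bytes = req.get((device, port, remote), 0)
        # A reply with no recorded request (sampled flows) counts as unbounded.
        ratio = out_bytes / in_bytes if in_bytes else float("inf")
        if ratio >= min_ratio:
            findings.append({"device": device, "service": REFLECTION_PORTS[port],
                             "remote": remote, "bytes_in": in_bytes,
                             "bytes_out": out_bytes, "ratio": ratio})
    return sorted(findings, key=lambda f: f["ratio"], reverse=True)


if __name__ == "__main__":
    for f in find_reflectors(SAMPLE_FLOWS):
        print(f"{f['device']} {f['service']} -> {f['remote']}: "
              f"{f['bytes_in']}B in, {f['bytes_out']}B out, x{f['ratio']:.1f}")
```

The `remote` address in a finding is where the amplified replies were sent, which under source spoofing is the target of the attack rather than its origin.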

Simple Network Management Protocol (SNMP)
• For communicating with IP-based devices, such as routers, switches, servers, printers, modems, IP video cameras, IP phones, network bridges, hubs, alarms and thermometers
• Transmits data about device components, measurements, sensor readings and variables
• Allows users to monitor these devices
• Use of human-readable cleartext makes SNMPv1 and v2 vulnerable to interception and modification
• The origin of the transmission cannot be verified
• The white paper explains how to mitigate vulnerability to SNMP DrDoS attacks

Network Time Protocol (NTP)
• For synchronizing time and date information on computer clocks on the Internet
• Implemented on all major operating systems, network infrastructure devices and embedded devices
• Susceptible to spoofing, like the User Datagram Protocol (UDP) upon which it is built
• Attacker may cause multiple requests for time updates to be sent to multiple NTP hosts, directing their responses to the attacker’s target
• Team-Cymru authored a secure NTP server template that can be used as a baseline for DDoS protection against NTP reflection attacks
• The white paper provides a link to the Team-Cymru NTP server template

Character Generation Protocol (CHARGEN)
• Can be used for debugging network connections, network payload generating and bandwidth testing
• Two types of CHARGEN services:
– TCP and UDP
– UDP version is vulnerable to spoofing
• Misuse of the testing features may allow attackers to craft malicious network payloads and direct the responses to the attacker’s target
• The U.S. cyber security organization CERT recommends reconsidering whether these protocols are needed in your organization
• The white paper provides a link to details about the CERT recommendation

Why protocol-based DrDoS attacks happen
• DrDoS protocol reflection attacks are possible due to the inherent design of the original architecture and structure of these protocols
• Closing the security gaps permanently would require creating new protocols, which is unlikely to happen in the short term
• By disabling or restricting unneeded functionality, sysadmins can eliminate these vulnerabilities
• Prolexic customers are protected from these attacks as part of our DDoS protection and mitigation services

Learn more in the white paper
• Download the DrDoS white paper: SNMP, NTP and CHARGEN attacks
• In this white paper, you’ll learn:
– Three common network protocols used in reflection attacks
– How SNMP, NTP and CHARGEN can be used by malicious actors
– How your printers and network devices may be employed by cyber attackers
– Specific action to minimize your network’s exposure and mitigate protocol attacks
– What the internet community could do to reduce the risk

About Prolexic
• Prolexic Technologies is the world’s largest and most trusted provider of DDoS protection and mitigation services.
• Prolexic has successfully stopped DDoS attacks for more than a decade.
• We can stop even the largest attacks that exceed the capabilities of other DDoS mitigation service providers.
