Accession Number:

ADA636482

Title:

Managing the Threat of Denial-of-Service Attacks

Descriptive Note:

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING INST

Report Date:

2001-10-01

Pagination or Media Count:

29.0

Abstract:

Denial-of-service DoS attacks have been launched against Internet sites for years. They are a significant problem because they can shut an organization off from the Internet and because there is no comprehensive solution no silver bullet for protecting your site or recovering from a denial of service. In this paper, we will describe the current situation with denial-of-service attacks and explore ways of addressing the problem. Much has been written previously about denial of service. In fact, the CERT Coordination Center CERTCC published alerts related to these attacks as early as 1996. CERTCC publications and other references can be found at the end of this paper. In November 1999, the CERTCC hosted a workshop in which 30 experts from around the world addressed the increasing sophistication of DoS tools to launch distributed denial-of-service DDoS attacks. The results of that workshop are published on the CERTCC web site httpwww.cert.orgreportsdsitworkshop.pdf. For additional publications, see the References section of this paper. The report contained the most current knowledge of denial of service at the time. This paper provides the knowledge gained since the workshop. The information we provide is geared to commercial business. Though Internet service providers and home users can benefit, we have not tailored this paper to their particular needs. The next section provides background information about denial-of-service attacks. It is followed by information on steps you can take to reduce your risk of attack as well as how to identify attacks when they happen and respond to them. Finally, we take a look at future possibilities. An appendix contains additional information about denial of service.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE