krizhanovsky ddos
TRANSCRIPT
- 1. HTTP DDoS
2.
- DDoS
3. HTTP 4. : Reverse Turing Test 5. Tempesta/Frang 6. Tempesta: Kernel HTTP Accelerator 7. Frang: DDoS 8. DDoS
9. 10. 11. ,
- Anycast (Akamai, OpenDNS etc.)
12. IPN: DNS redirect/BGP/GRE (Prolexic) 13. , ISP etc. 14.
- SYN-Flood
15. Sockstress (Full Connection Flood)
- SYN Cookies, SYN/RST/FIN rate
16. ( O(n)!) 17. 18. Virtual Hosting ? - ,
- etc.
19. KillBots (Reverse Turing Test, kernel based) 20. : NetProtect, MULTOPS 21. HTTP Reverse proxy
- Kernel based: OpenKeta, TUX, kHTTPd
22. Apache, Nginx, Varnish etc. 23. DDoS => TCP handshake GET / HTTP/1.1 Host: somehost.net
24. 25. IPtables/Netfilter: + strings + 26. ...
- ,
27. DDoS: 28. ...Reverse Turing Test!
- , ?
Home www.securityfocus.com News (crypto) http://www.securityfocus.com/brief/784 Vulnerabilities http://www.securityfocus.com/vulnerabilities Blogs (PET Awards) http://www.securityfocus.com/blogs/962 p=0,7 t_min=0.3, t_max=650 Mt=120, Dt=50 p=0,7 t_min=2, t_max=300 Mt=100, Dt=75 p=0,3 t_min=1, t_max=750 Mt=80, Dt=25 p=0,3 t_min=1, t_max=750 Mt=80, Dt=25 29. Tempesta/Frang
- HTTP Tempesta
30. AI Frang FreeBSD kernel Tempesta Kernel Module Frang Kernel Module User space 31. Tempesta HTTP accelerator
- kernel-based
32. + event-driven (event = interrupt) 33. + X86-64 MMU 34. Frang: DDoS prev. module
- : 2XX ,
35. ( ) 36. (D[X] ) 37. QoS ( ) 38. Frang
39. HTTP 40. (1) Leased lines Layer-4 Load Balancers HTTP Accelerators HTTP Servers Internet DSR 41. (2)
- HTTP sessions aware Layer-4 Load Balancer
42. Direct Server Return (?) 43. HTTP
- , ( )
44. (bash.org.ru): QoS 45. : , ; 46. = , =>QoS 47. ! ? [email_address]