Rlot 1 Essay

1032 WordsApr 9, 20155 Pages
Introduction As stated in the recent information security incident report, during the most recent registration term the university’s web-based registration server came under assault via an internally launched DDoS attack. This resulted in the unavailability of the server services for a period of approximately 24 hours. This executive summary is intended to briefly describe the type of attack and how it occurred but, as well, more specifically to suggest recommended countermeasures to thwart such attacks in the future. DoS refers to a denial of service attack and the end result of such attacks is that authorized users are denied access to authorized services. The goals of DoS attacks are neither to garner unauthorized access to systems nor to, typically, corrupt systems components (files, drives, etc.) but, rather, to deny legitimate and authorized access as stated above. Most attacks are based on the generation of artificial traffic with the result that, once the attack is launched, either bandwidth or other systems resources are consumed to the extent that legitimate services are denied (EC-Council, 2010). The university web registration server was subject to a specific subtype of DoS referred to as DDoS (distributed denial of service). In distributed denial of service attack, the attack is not launched from a singular system but, rather, from many systems via utilization of a botnet (Walker, 2011). Derived from roBOT NETwork, a botnet is a network of automated software applications or multiple singular applications) which can be utilized to generate a DDoS attack which function by means of overutilization of system bandwidth or protocol (communications) flooding (EC-Council, 2010). In the above figure a simplified version of the university network is represented. The cloud represents the external network and Internet with the internal network

More about Rlot 1 Essay

Open Document