© 2000, Cisco Systems, Inc.
Deploying works
Session 2502
What You Can Expect to Learn
“Network security is a system”
Network attack methodology
Threat mitigation network security components
Specific optimizations to existing infrastructure
Deploying works
Security Components
Security Design—an Example
Design Under Fire
Threat Mitigation
Design Optimizations
Security Design—a Better Example
Design Under Fire (2)
Distributed Denial of Service (DDoS)
Smurf Attack
[Figure: one ICMP REQ D= S= followed by multiple ICMP REPLY D= S= messages. Attempt to Overwhelm WAN Link to Destination]
DDoS, How Does It Work?
[Figure: Client System, Handler Systems, Agent Systems]
1. Scan for Systems to Hack
2. Install Software to Scan for, Compromise and Infect Agents
3. Agents Get Loaded with Remote Control Attack Software
4. Client Commands to Handlers Which Control Agents in a Mass Attack
Stacheldraht Attack
[Figure: Legitimate Customer; Client; three Handlers, each with Agents (25)]
[*] stacheldraht [*]
(c) in 1999 by ...
trying to connect...
connection established.
--------------------------------------
enter the passphrase : sicken
--------------------------------------
entering interactive session.
******************************
welcome to stacheldraht
******************************
type .help if you are lame
stacheldraht(status: a!1 d!0)>.micmp
Stacheldraht Transport Details
SRC: Client
Communication
Agent to Communication
Agent to Communication (Spoof Check)
DST: Handler
Port: 16660
Data: Encrypted via Blowfish
SRC: Agent
DST: Handler
ICMP Data: Skillz
SRC: Handler
DST Ag