Which type of DDoS attack do you think would be the most detrimental to an organization?
It is difficult to determine which type of DDoS attack would be the most detrimental to an organization as it can depend on various factors such as the organization’s size, industry, and infrastructure. Each type of DDoS attack can be highly detrimental to an organization, depending on the scale and duration of the attack and the organization’s ability to mitigate it.
Hi Sunam, I think I agree with you that each type of DDoS attack can be detrimental to an organization, especially when service and operation are disrupted; this can lead to financial loss if not quickly mitigated. Another risk associated with DDoS attacks is that it is difficult to detect the attacker since they attack the system from a zombie computer.
I also concur with Abayomi. While there are many types of DDoS attacks (HTTP flood, Slowloris, ping of death, SYN flood, etc.), naming a specific one as most detrimental would depend on the specific organization and the methods it has to counteract the various forms of DDoS attacks. Likely, wherever the organization is lacking a proper defense mechanism will be the most effective DDoS attack.
Explain the difference between a direct and indirect DoS attack.
In a direct DoS assault, the attacker attempts to flood the victim’s computer with a stream of packets from their own computer, while in an indirect DoS attack the attacker floods the victim’s computer while making it appear as though the attack originated from a different computer by spoofing (faking) the attacker’s IP address.
I agree with Marylyn’s comments above. In addition, direct attacks are rare in that attackers do not like directly attacking victims because their source IP address is shown on all incoming packets, which is why attackers would rather perform an indirect DoS. However, with the indirect attack and spoofing, the attacker risks that they cannot get direct feedback about the attack and have to rely on indirect means of monitoring.
The technical difference between direct and indirect denial of service attacks is whether the attack originates from your machine (direct) or another machine (indirect). What makes indirect attacks potentially more powerful is that they can be chained together into a DDoS where many (potentially millions) of indirect DoS attacks are launched simultaneously.
What are the differences between TCP and UDP protocols?
TCP is a connection-oriented protocol, whereas UDP is a connectionless protocol. A key difference between TCP and UDP is speed, as TCP is comparatively slower than UDP. Overall, UDP is a much faster, simpler, and more efficient protocol; however, retransmission of lost data packets is only possible with TCP.
Hi Nishant and Marylyn,
In addition to that,
TCP is typically used for applications that require data to be transmitted reliably and in order, such as email, file transfer, and web browsing. For example, when you visit a website, your browser uses TCP to establish a connection to the web server, send a request for the webpage, and receive the response.
UDP is typically used for applications that require real-time, low-latency communication, such as online gaming and video streaming. For example, when you play an online game, your computer may use UDP to send and receive real-time game data to and from other players, as delays in transmitting this data could affect gameplay.
TCP is a connection-oriented protocol, whereas UDP is a connectionless protocol. A big difference between the two is speed. TCP is much slower than UDP. UDP is a much faster, simpler, and more efficient protocol; however, retransmission of lost data packets is only possible with TCP.
What are the limitations of PKI and X.509? How can they be vulnerable to attacks?
Commonly used methods for secure communication and authentication over the Internet include Public Key Infrastructure (PKI) and X.509. They do have some restrictions and potential weaknesses, though:
Certificate revocation
Certificate authority compromise
Key compromise
Human error
Phishing attacks
Technologically, PKI and x509 are very secure. They are based on strong and expandable cryptography. Where they are vulnerable is if the trust is broken. If a certificate authority is compromised or a revocation list is not kept up to date (or properly checked), the certificates themselves can conform to the spec, but still allow malicious actions.
Which is the best service model in cloud computing?
The most maintenance free cloud service model is Software as a Service. SaaS enables companies to benefit from application usage without the need to maintain and update infrastructure, platform, and application components.
Hi Frank,
I agree with you that Software as a Service is one of the best models; however, I think it’s important to note the goals of your company or product before determining which service is the best. Each type of service has its advantages, and it is important to understand the difference to find the one that best fits your goals.
The best service in cloud computing will depend on the objective of the company’s usage. Also, it depends on costs, resources, and risks the company is willing to accept and/or outsource.
Hi Pranavi, you’ve posed an interesting question in that the best service model for cloud computing would be based upon each organization’s specific needs. While one organization may greatly benefit from one model, another organization may be hindered by it. You have to weigh the pros and cons of each and find which best suits your organization’s requirements.
How does ARP poisoning work?
Hello Frank,
ARP Poisoning is a type of cyber attack carried out over a LAN that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table. ARP Protocol translates IP addresses into MAC addresses.
Hi Frank,
Address Resolution Protocol (ARP) poisoning is when an attacker sends falsified ARP messages over a local area network (LAN) to link an attacker’s MAC address with the IP address of a legitimate computer or server on the network. Once the attacker’s MAC address is linked to an authentic IP address, the attacker can receive any messages directed to the legitimate MAC address. As a result, the attacker can intercept, modify or block communications to the legitimate MAC address.
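The falsified IP-to-MAC pairing described in the replies above is also what a defender can watch for. The following is an added example, not part of the original thread: it replays observed ARP replies, keeps the first binding seen for each IP as the baseline, and flags an IP that is later claimed by a different MAC, or one MAC that claims several IPs. The log format, addresses and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample (not a real capture): "time sender_ip sender_mac" per ARP reply.
SAMPLE_ARP_REPLIES = """\
10.0 192.168.1.1 aa:aa:aa:aa:aa:01
11.2 192.168.1.20 aa:aa:aa:aa:aa:20
12.5 192.168.1.30 aa:aa:aa:aa:aa:30
40.1 192.168.1.1 aa:aa:aa:aa:aa:30
40.9 192.168.1.1 aa:aa:aa:aa:aa:30
41.3 192.168.1.20 aa:aa:aa:aa:aa:20
"""


def parse_replies(text):
    """Yield (time, ip, mac) from whitespace-separated lines, skipping malformed ones."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        yield float(parts[0]), parts[1], parts[2].lower()


def find_binding_conflicts(replies, trusted=None):
    """Return alerts for changed IP-to-MAC bindings.

    trusted: optional dict ip -> mac of statically known bindings (e.g. the gateway).
    The baseline is never overwritten, so a forged reply cannot become the new normal.
    """
    table = dict(trusted or {})
    ips_by_mac = defaultdict(set)
    for ip, mac in table.items():
        ips_by_mac[mac].add(ip)
    alerts, seen = [], set()
    for ts, ip, mac in replies:
        baseline = table.setdefault(ip, mac)  # first sighting is learned
        if baseline != mac and ("rebind", ip, mac) not in seen:
            seen.add(("rebind", ip, mac))  # report each conflict once
            alerts.append({"time": ts, "kind": "ip-rebind", "ip": ip,
                           "expected": baseline, "seen": mac})
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > 1 and ("multi", mac) not in seen:
            seen.add(("multi", mac))
            alerts.append({"time": ts, "kind": "mac-multi-ip", "mac": mac,
                           "ips": sorted(ips_by_mac[mac])})
    return alerts


if __name__ == "__main__":
    for alert in find_binding_conflicts(parse_replies(SAMPLE_ARP_REPLIES)):
        print(alert)
```

Legitimate events such as a DHCP reassignment, a replaced network card or a failover pair also change bindings, so alerts from a check like this need review against known changes before they are treated as poisoning.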
How do digital certificates work in a PKI? What are their main purposes in constructing secure networks?
Digital certificates assist in secure electronic communication and data exchange between systems, people, and devices online. They work by verifying the identity of the sender/receiver of an electronic message and then providing the means to encrypt/decrypt messages between sender and receiver after verification.
The main purposes of constructing secure networks are access control, confidentiality, availability, and functionality. Digital signatures use public key encryption and digital certificates to give extremely strong but slow authentication.
From the text there were four general goals for secure networking mentioned. Name one that seems important to you.
The four general controls for secure networking are availability, confidentiality, functionality, and access control. The one that I think is most important is access control. Many of the attacks in the recent media have been due to inappropriate access.
Hi Shepherd,
One of the general goals of secure networking that resonates with me is the functionality aspect. When adequate functionality is enabled, this will prevent attackers from altering the capability of the network. Some essential functionalities include correctly assigning IP addresses, excluding unapproved protocols and correctly resolving host names.
What is the best way to address the evil twin man in the middle attack?
One of the best ways is to use a VPN, as they create an encrypted path between the wireless client and the access point to thwart an evil twin attack. Other ways to address an evil twin are avoiding unsecured free Wi-Fi hotspots, using HTTPS websites, disabling Wi-Fi auto-connect and using MFA.
Hello Jill,
One of the ways I would use to address an evil twin man-in-the-middle attack is to stay away from public Wi-Fi: if possible, use a personal hotspot or one you’re sure isn’t compromised.
DDoS attacks seem to be an ever-escalating numbers game. Modern network infrastructure and cloud computing can handle huge amounts of incoming packets before slowing down. Botnets keep getting larger in response. Early DDoS attacks were done with hundreds of machines sending Mb/sec of data. Modern attacks involve millions of machines throwing terabytes per second at targets to bring giants like Google or GitHub down. What can the operator of a medium-sized business do to protect against DDoS attacks?
Hi David,
First, the most direct approach to deal with the DDoS attack could be to increase network bandwidth to cache DDoS traffic flow. In addition, some operators of medium-sized enterprises may consider configuring network devices to limit connection requests per unit of time from any IP address.
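The per-IP connection limit mentioned in the reply above can be sketched as a sliding-window counter. This is an added example, not part of the original thread: the class and function names, the limit of 5 requests per second and the addresses (documentation ranges) are constructed for illustration. It also evicts idle entries, because floods with many or spoofed source addresses would otherwise grow the tracking table without bound.

```python
from collections import defaultdict, deque


class PerIPRateLimiter:
    """Sliding-window limiter: at most max_requests per window_ms per source IP."""

    def __init__(self, max_requests, window_ms):
        self.max_requests = max_requests
        self.window_ms = window_ms
        self._hits = defaultdict(deque)  # ip -> timestamps of accepted requests

    def allow(self, ip, now_ms):
        """Return True if this request fits in the IP's current window."""
        hits = self._hits[ip]
        while hits and now_ms - hits[0] >= self.window_ms:
            hits.popleft()  # forget requests that have left the window
        if len(hits) >= self.max_requests:
            return False  # over the limit: drop, and do not record it
        hits.append(now_ms)
        return True

    def evict_idle(self, now_ms):
        """Drop state for IPs with no accepted request in the last window.

        Returns the number of IPs still tracked.
        """
        idle = [ip for ip, hits in self._hits.items()
                if not hits or now_ms - hits[-1] >= self.window_ms]
        for ip in idle:
            del self._hits[ip]
        return len(self._hits)


def replay(events, limiter):
    """Run (time_ms, ip) events through the limiter; return ip -> (allowed, dropped)."""
    totals = defaultdict(lambda: [0, 0])
    for now_ms, ip in events:
        totals[ip][0 if limiter.allow(ip, now_ms) else 1] += 1
    return {ip: tuple(counts) for ip, counts in totals.items()}


# Constructed traffic: one noisy source sending every 100 ms, one ordinary client.
NOISY, NORMAL = "203.0.113.5", "198.51.100.7"
SAMPLE_EVENTS = sorted(
    [(t, NOISY) for t in range(0, 1000, 100)] + [(1500, NOISY)]
    + [(t, NORMAL) for t in (0, 2000, 4000)]
)

if __name__ == "__main__":
    print(replay(SAMPLE_EVENTS, PerIPRateLimiter(max_requests=5, window_ms=1000)))
```

A per-IP limit only helps against sources that repeat; traffic spread across many addresses stays under each individual limit, which is why it is normally combined with upstream filtering.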
While I think that there is possibly no best solution to protect against a DDoS attack, i.e., no system can be fully protected, a medium-sized business can at least work and rely on:
-> Firewalls and intrusion detection systems that act as traffic-scanning barriers between networks
-> Security tools that remove web-based threats, block abnormal traffic, and search for known attack signatures
Do you think it is cost effective for small businesses to invest in cloud?
Hi Abayomi,
Cloud computing can provide cost-effective solutions for small businesses, offering benefits such as reduced IT infrastructure costs, improved flexibility, scalability, collaboration, and data security. However, the overall cost-effectiveness will depend on factors such as the business’s specific needs, data size and type, and the cost of cloud services. Therefore, small businesses should carefully evaluate their options and consider both the potential benefits and costs before making a decision.
Hello Abayomi,
Great question! I think it is cost effective for small businesses to invest in cloud for many reasons. A few of them could be: you don’t have to buy and maintain hardware and networking equipment, and you don’t need to hire an expert to implement it.
Name at least 3 types of DDoS attacks.
Have you ever encountered a DDoS attack? How do you deal with it?
Hello Wei, while I’ve not personally dealt with a DDoS attack, there are a multitude of ways one can help mitigate these attacks. It starts with hardware such as load balancers and firewalls and then becomes granular with ensuring unnecessary/unused ports are closed and properly configuring your firewall, so it knows how to react in the face of an attack. If an attack is coming from a specific IP, you can easily just have your firewall drop those packets while continuing to receive valid traffic.
Hi Wei,
I don’t think any of us would have encountered an actual DDoS attack. However, I can share an experience as an auditor, where one of the clients had set up a “honeypot” to deal with DDoS attacks. It involves setting up some dummy servers that are exposed to hackers as legitimate servers to study the attack patterns, attack intentions and even find out attack sources, in case of a possible attack.
1. a) List the four (4) deployment models of cloud computing.
b) Discuss one of the above.
What actions can be taken to prevent distributed denial of service attacks (DDoS)?