Your employer recently installed high-speed Internet access at the office where y
Question
Your employer recently installed high-speed Internet access at the office where you work. There are 50 workstations connected to the network and the Internet. Within a week, half the computers in the office were down because of a virus that was contracted by a screen saver. In addition, network personnel from a university in England contacted the company, claiming that your employer’s computer systems were being used as part of DDoS attacks on their Web site.
Draft a note to the CEO to explain how a firewall could prevent distributed denial of service attacks from being launched on the company network.
Explanation / Answer
Firewalls protect networks from incoming packets. In contrast, the Reverse Firewall protects the outside network from packet flooding Distributed Denial of Service (DDoS) attacks that originate on the inside. The Reverse Firewall drastically reduces the impact of DDoS attacks mounted from inside the network. DDoS attacks are usually conducted through "zombies" -- computers that have come under the control of the attacker. The Reverse Firewall chokes off packet flooding attacks before they exit the network where they originate.
Distributed DoS (DDoS) packet flooding attacks are an increasing problem. A recent study estimates over 4000 attacks a week. Many sites of commercial importance have become targets, including CNN, eBay, Yahoo, and Microsoft, establishing DDoS attacks as a serious threat to e-commerce and e-business. The Computer Emergency Response Team (CERT), the Internet security watchdog, was itself targeted in successful DDoS attacks in March 2001. CERT warns repeatedly that there is currently no technology to deal with this problem and recommends general vigilance and administrative measures to minimize the potentially devastating impact of a DDoS attack.
The Internet infrastructure has vulnerabilities that make it very difficult to defend against packet flooding attacks. Please see the White Papers entitled "IP Changes to Eliminate Source Forgery" and "A Fair Service Approach to Defending Against Packet Flooding Attacks" for more detailed analysis of infrastructure vulnerabilities that make DDoS an extremely challenging problem to solve.
Most DDoS attacks are carried out via "slaves" or "zombies", machines that have been compromised, and come under the control of the attacker(s). Using these machines, the attacker can launch a coordinated but well-disguised attack on a victim and avoid detection.
This is particularly useful for all owners of Internet infrastructure providing Internet connectivity. Such entities include:
The machines of greatest value to attackers are those with fast Internet access, because it is from these machines that they can send packet floods at very high rates. The Reverse Firewall reduces the value of these machines for such an attack to that of a slow dial up connection, or even less. Attackers currently try to amass collections of hundreds or thousands of zombies from which to attack simultaneously. The Reverse Firewall, however, reduces the effectiveness of a zombie by a similar factor!
While DDoS attacks are mainly targeted at a victim outside the infrastructure provider's local network, they are, in fact, also attacking the legitimate users of the local network infrastructure. In particular, the attacker is using up as much of the outgoing bandwidth as the zombie machines can consume. This is bandwidth that is therefore no longer available to other legitimate users of the network. Furthermore, if upstream providers charge for actual network usage (rather than a flat rate), the attacker is actually directly increasing the costs to the network owner. By using the Reverse Firewall appropriately, the infrastructure owner gains the tangible benefit that attacks from one network segment cannot disrupt customers from other segments.
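The outbound throttling described in the answer can be illustrated with a small simulation. This is an added example, not part of the original answer and not the Reverse Firewall's actual algorithm: it assumes a per-host token bucket at the network edge, and the rate, burst size and workstation addresses are constructed values.

```python
from collections import defaultdict

class EgressLimiter:
    """Per-internal-host token bucket applied to packets leaving the network."""

    def __init__(self, rate_pps, burst):
        self.rate = float(rate_pps)   # tokens (packets) refilled per second
        self.burst = float(burst)     # bucket capacity, allows short bursts
        self.buckets = {}             # src_ip -> (tokens, last_timestamp)

    def allow(self, src_ip, now):
        tokens, last = self.buckets.get(src_ip, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens >= 1.0:             # forward the packet, spend one token
            self.buckets[src_ip] = (tokens - 1.0, now)
            return True
        self.buckets[src_ip] = (tokens, now)
        return False                  # drop: this host exceeded its egress budget

def simulate(limiter, senders, duration_s):
    """senders: {src_ip: packets_per_second} -> {src_ip: (sent, forwarded)}."""
    events = sorted((i / pps, src)
                    for src, pps in senders.items()
                    for i in range(pps * duration_s))
    stats = defaultdict(lambda: [0, 0])
    for ts, src in events:
        stats[src][0] += 1
        if limiter.allow(src, ts):
            stats[src][1] += 1
    return {src: tuple(counts) for src, counts in stats.items()}

def likely_zombies(stats, drop_ratio=0.5):
    """Hosts whose outbound traffic was mostly dropped deserve investigation."""
    return sorted(src for src, (sent, fwd) in stats.items()
                  if sent and (sent - fwd) / sent > drop_ratio)

# Constructed traffic: one flooding workstation and one normally used workstation.
SENDERS = {"10.0.0.23": 10000, "10.0.0.41": 20}

def run_example():
    # Assumed policy: 50 packets/s sustained per host, bursts of up to 100 packets.
    return simulate(EgressLimiter(rate_pps=50, burst=100), SENDERS, duration_s=2)

if __name__ == "__main__":
    results = run_example()
    for src, (sent, fwd) in sorted(results.items()):
        print(f"{src}: sent={sent} forwarded={fwd} dropped={sent - fwd}")
    print("investigate:", likely_zombies(results))
```

The flooding host is cut to roughly the configured rate while the ordinary workstation is unaffected, and the drop counters identify which internal machines need to be cleaned.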