Distributed Denial of Service Attacks Against Human Rights Sites


Download 24.71 Kb.
Pdf ko'rish
Sana14.03.2017
Hajmi24.71 Kb.

Distributed Denial of Service Attacks

Against Human Rights Sites

Hal Roberts

Berkman Center for Internet & Society

at Harvard University



source: wired.com

source: Arbor Networks

Application Attacks: syns, slowlorises, and searches

Network Attacks: volunteers, bots, and amplifiers



DDoS Defenses

* server optimization and hardening

* overcapacity

* dynamic capacity growth

* packet filtering / rate limiting

* scrubbing

* source mitigation

* dynamic rerouting



What we wanted to find out:

* How prevalent are DDoS attacks against ind media?

* What types of DDoS attacks are used against ind media?

* What are the impacts of these attacks against ind media?

* How can ind media defend against these attacks?


What we did:

* media research

* ind media survey

* ind media interviews

* working meeting


 What we learned:

* DDoS attacks against ind media are prevalent

* ind media are particularly vulnerable on the edge of the Internet 

* ind media suffer from a range of other attacks as well

* application attacks have some good answers, net attacks have fewer

* net attacks likely require moving ind media sites closer to the core

* help local tech experts work with core Internet organizations


pm.gov.au, joewilsonforcongress.com, untiny.com, filaty.com, tunisiawatch.rsfblog.org, Several Polish government websites, moncefmarzouki.net, citizenzouari.wordpress.com, atheistconvention.org.au, 

atheistfoundation.org.au, thehotjoints.com, nawaat.org, samibengharbia.com, kitab.nl, Boxun.com, fra.se, polisen.se, shaolin.org.cn, newsyemen.net, charter97.org, twitter.com, vedomosti.ru, voteconnor.com, 

bogatoe.info, Dozens or hundreds of Shiite sites (as well as collateral damage), talawas.org, bachuna.net, doshdu.ru, crd-net.org, msguancha.com, canyu.org, chinesepen.org, newcenturynews.com, charter97.org, 

novayagazeta.ru, ahmadinejad.ir, fdog.wordpress.com, radiozamaneh.com, amconmag.com, bauxitevietnam.info, boxitvn.net, boxitvn.org, boxitvn.info, dcvonline.net, x-cafevn.org, doi-thoai.com, 

caotraonhanban.com, danluan.org, vanganh.multiply.com, ingushetiyaru.org, angusht.com, magas.ru, ingushetia.org, ingnews.ru, ri-online.ru, kadyrov2012.com, mahkamah.gov.my, academydelphi.com, acgc.com.my, 

al-faizeen.com.my, anarkalihairdye.com, astree.com.my, auto-charge.net, bagsmalaysia.com, berjayabintangtimur.com.my, bionet-int.com, venkat-transport.com.my, and many others, as-ansar.com, ansarnet.info, 

hanein.info, atahadi.0vr.net, ansaaar.com, alemarah.info, de.ansar1.net, www.alqimmah.net, as.ansar.com, 68.15.56.91/Temp/Jihad, islamicawakening.com, islam4uk.com, salaattime.com, watchislam.com, 

jihadunspun.com, gawaher.com, cabinda.org, islamicnetwork.com, president.ir, radicalislam.org, almaghrib.org, 195.216.243.39, 208.64.123.225, 213.155.12.120, 217.107.35.35, 217.17.158.55, 217.20.163.4, 

62.149.24.2, 72.20.34.140, 80.93.54.57, 82.146.43.3, 89.108.126.2, 94.198.51.216, angusht.com, angusht.com index.php, angusht.com personal subscribe subscr_edit.php, antiddos.org, asterios.tm, asterios.tm 

index.php, asteriys.com index.php?f=stat&act=online&server=0, attackers.ru, bachuna.net, bankunet.com, barbars.ru, blud.net, carderfix.ru, carder.info, carder.info index.php, carder.info,l2.theonline.ru, carder.su, 

carder.su showgroups.php, ddef.ru, do-finance.com, fan-age.ru,l2.exsade.com,forum.exsade.com,final-zone.ru, filebase.to, forum.notebook812.ru, forum.timesgame.ru,timesgame.ru, internet-guard.net index.php, 

kadyrov2012.com, kadyrov2012.com, kadyrov2012.com index, karyatour.com.ua, l2jfree.com, la2.100nt.ru, la2.timesgame.ru, lineage.cn.km.ua, ll2.su, meridian-express.ru, modcam.ru, notebook812.ru, 

notebook812.ru, ohah.ru, ohah.ru index.php, planety-hackeram.ru, portal27.ru, pupsa.net, rodi.ru, rosban.su, sever.ru, slineage.ru, smsdeal.ru index.php, takwap.ru, takwap.ru 111 XXX_DETKA, takwap.ru 157 xxx 

ohah.ru, teamsteam.ru, vpotoke.com, wapfan.org index.php, wow.cln.ru, www.2simtv.ru index.php, www.angusht.com index.php, www.art-taxi.ru, www.glazey.ru, www.ingushetiyaru.org, www.notebook812.ru, 

www.prado-club.su, www.prado-club.su forum, www.ripoffreport.com, xaknet.ru, forum.antichat.ru, www.ripoffreport.com 80, aph.gov.au and a number of other Australian government sites, vedomosti.ru, 

alemarah.info, blogosin.org, danchimviet.com, minhbien.org, contravia.tv, hasiphu.com, 7anein.net, rjfront.info, as-ansar.com, islam-ucoii.it, algathafi.org, alsunnah.info, modawanati.com, iaisite-eng.org, ansar1.info, 

tawhed.net, islamicawakening.com, ansarnet.info, alemarah.info, alboraq.info, baghdadsniper.net, almaghrib.org, alqimmah.net, atahadi.tk, majahdenar.com, alboraqmedia.org, muslimdefenseforce.islamicink.com, 

muwahideen.tk, jixad.tk, majahden.info, hunafa.com, ahlu-sunnah.com, sheikyermami.com, calltoislam.com, jaami.info, blogosin.org, tunis-online.net, several nasa.gov sites, aut.ac.ir, jarasnews.com, penguin-

news.com, blogsochi.ru, 2ch.net, dcinside.com, president.go.kr, prkorea.com, 29 Iranian human rights sites, paltalk.com, p2pnet.net, nkeconwatch.com, web24.com.au, ansar1.info, h-alali.net, asqsatv.ps, 

baghdadsniper.net, abu-qatada.com, almaqdese.net, sharia4belgium.webs.com, alboraq.info, islamicawakening.com, hizb-america.org, mtj.tw, rjfront.info, modawanati.com, as-ansar.com, altartosi.com, 

tawheedmedia.com, tawhed.ws, alqimmah.net, islamweb.net, iaisite-eng.org, almoltaqa.ps, atahadi.com, majahden.com, almaghrib.org, alsunnah.info, crd-net.org, livejournal.com, mannyvillar.com.ph, 

berkshirepublishing.com, jimleeforcongress2010.com, watchglennbeck.com, revolutionislam.com, arabcrunch.com, cpwu.org.tw, contravia.tv, facebook.com, salambc.com, Multiple Islamic websites, nawaat.org, 

yezzi.org, news.com.au, sharrmusic.org, phmcgpe.com, Jerusalem Development Authority, various nasa.gov sites, community.livejournal.com/golos_ameriki, kfc.dk, nyasatimes.com, eagar4senate.com, 

eagarforsenate.com, vocus.com.au, abu-qatada.com, kaganwatch.com, novayagazeta.ru, livejournal.com, facebook.com, sviridenkov.com, newdemocratnews.com, thongluan.org, dcctvn.net, richardsilverstein.com, 

danchimviet.com, dangvidan.org, dcctvn.net, hasiphu.com, minbien.org, ykien.net, vietbaosaigon.com, billoreilly.com, anncoulter.com, joinrudy2008.com, photayokeking.org, photayokeking.org, ihh.org.tr, thejc.com, 

Pizza Hut, Egyptian governmental websites, and 50 Israeli websites including www.microsoft.co.il, hotmail.co.il, live.co.il, blogs.microsoft.co.il, coca-cola.co.il, www.coca-cola.co.il, travian.co.il, and www.bebo.co.il, 

korea.go.kr, jpost.com, moj.go.kr, kois.go.kr, crd-net.org, msguancha.com, Rights Network of China, Democracy China, , World Azerbaijani Congress, www.karenunited.co.cc, charter97.org, abu-qatada.com, 

mtj.tw, mmagreb.com, alsunnah.info, almaqdese.net, baghdadsniper.net, ligattsecurity.com, alemarah.info, almaghrib.org, islamicawakening.com, hackteach.org, ubak.gov.tr, tk.gov.tr, tib.gov.tr, cprtunisie.net, 

aljazeera.net, hoshas.moh.gov.my, president.go.kr, cwd.go.kr, mofat.go.kr, naver.com, nonghyup.com, keb.co.kr, mnd.go.kr, xocali.net, krotov.info, livejournal.com, ura.ru, prison.org, charter97.org, holyquran.net, 

kommersant.ru, crd-net.org, annabaa.org, almoslim.net, alghurabaa.org, way2allah.com, alfaloja.net, fatwa1.com, islamicemirate.com, tawheedmedia.com, muslimdefenseforce.islamicink.com, rjfront.info, falojaa.net, 

islamicawakening.com, alemarah-iea.com/english, sawtaljihad.org, h-alali.net, islamicboard.com, einladungzumparadies.de, mustafahosny.com, facebook.com, youm7.com, lonistom.co.il


source: CAIDA

* 72% have experienced national network filtering

* 62% have experienced DDoS attacks

* 39% have experienced an intrusion

* 32% have experienced a defacement

* Of those experiencing a DDoS attack, 81% also 

experienced at least one of filtering, intrusion, or 

defacement


Of ind media who had a DDoS attack in the past year:

* 55% had their site shut down by their ISPs

* 36% report that their ISP successfully defended them


source: Arbor Networks

source: thetruthabout...@flickr

Specific Recommendations

* plan for attacks

* minimize dynamic pages

* have robust monitoring, mirroring, and failover

* strongly consider hosting on blogger or similar

* do not use cheapest hosting provider (or dns registrar)



Bigger picture: local experts + core resources

* most successful model we saw was local, embedded tech experts

* many core orgs want to help but don’t know how or where

* risks moving control to private companies




Download 24.71 Kb.

Do'stlaringiz bilan baham:




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2020
ma'muriyatiga murojaat qiling