In order to implement a DNS amplification attack, the attacker must trigger the creation of a sufficiently large volume of DNS response packets from the intermediary to exceed the capacity of the link to the target organization. Consider an attack where the DNS response packets are 500 bytes in size (ignoring framing overhead).
a. How many of these packets per second must the attacker trigger to flood a target organization using a 0.5-Mbps link? A 2-Mbps link? Or a10-Mbps link?
b. If the DNS request packet to the intermediary is 60 bytes in size, how much bandwidth does the attacker consume to send the necessary rate of DNS request packets for each of these three cases?
from the given data
to implement a DNS amplification attack, the attacker must trigger the creation of a sufficiently large volume of DNS response packets from the intermediary
to exceed the capacity of the link to the target organization
by considering an attack where the DNS response packets are 500 bytes in size.
to calculate the no of packets sent per second by an attacker to flood the target organization
capacity of the link / no. of packets * no of bits in each byte
a.
0.5 Mbps :
no of packets = 500
no of bits = 8
no of packets sent per second by an attacker using 0.5 Mbps = 0.5 * 10^6 / 500*8
= 500000/ 4000
= 125 packets
2 Mbps :
no of packets = 500
no of bits = 8
no of packets sent per second by an attcaker using 2 Mbps = 2*10^6 / 500*8
= 2000000 / 4000
= 500 packets
lly for 10 Mbps : we get 2500 packets
b.
required bandwidth:
from the (a)_ we have for 0.5 mbps we get 125 packets
DNS packet as 60 is given
for required bandwidth = 125 * 60*8
= 60000 = 60*10^3
= 60 Kbps
for 2 Mbps we get 500 packets
DNS packet as 60 given
for required bandwidth = 500*60*8
= 240000 = 240*10^3
= 240 Kbps
for 10 Mbps we get 2500 packets
DNS packet as 60 given
for required bandwidth = 2500*60*8
= 1200000 = 1.2 * 10^6
= 1.2 Mbps
the necessary rate of DNS request packets for each of these three cases
amplification of this three cases by the formula following
no of DNS response packets / size of intermediary DNS packet
no of packets DNS response as 500 and size of intermediary DNS packet as 60
by substituting in the above formula of amplification of three cases we get = 500/ 60 = 8.33 times
In order to implement a DNS amplification attack, the attacker must trigger the creation of a...
6. (10 Points) In order to implement the classic DoS flood attack, the attacker must generate a sufficiently large volume of packets to exceed the capacity of the link to the target organization. Consider an attack using ICMP echo request (ping) packets that are 500 bytes in size (ignoring the framing overhead). (a) How many of these packets per second must the attacker send to flood a target organization using a 0.5 Mbps link? (b) How many per second if...
Please Answer all Questions on Networks, They all involve calculation ( 1-9 Questions) "A single router is transmitting packets, each of length L bits, over a single link with transmission rate R Mbps to another router at the other end of the link. Suppose that the packet length is L= 12000 bits, and that the link transmission rate along the link to router on the right is R = 1000 Mbps. What is the maximum number of packets per second...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...