
Faculty of Science & Technology
Computer Networking Program
Instructor: Ng Vit Phng

Topic: DoS/DDoS/DRDoS
Attack and defense

Contents
Part 1. Overview
1.1. Introduction to the Internet
1.2. What is a denial-of-service attack?
Part 2. Concepts
2.1. Classification
2.2. Forms of attack
Part 3. Factors in defending against DoS
3.1. Building and protecting the system
3.2. Responding to a DoS attack
3.3. The human factor
DoS simulation
Summary

Contents
Part 1. Overview
1.1. Introduction to the Internet
1.2. What is a denial-of-service attack?
a) Attack objectives
b) Attack purposes

1. Overview
1.1. Introduction to the Internet

- A global information system made up of interconnected computer networks.
- It gives users many useful services: email, chat, search, buying and selling goods, etc.

- Unforeseeable dangers: viruses, trojans, backdoors, etc.
- Denial-of-service attack: a form of sabotage that relies on flaws in the Internet and in operating systems.

1.2. What is a denial-of-service attack?

- Abbreviated DoS, which stands for Denial of Service.
- A method of attack that leaves a system unable to provide its service, or forces it to stop operating.

- It causes heavy damage to e-commerce websites.
- The hacker community has declared an end to this dangerous form of attack.
- At present, the sentence for DoS attackers in various countries is around 10 years or more, depending on the degree of financial damage to the business.

a) Objectives of DoS:

- Consume network bandwidth and flood the network.
- Break the connection between two machines and block access to a service.

b) Purposes of DoS:

- Network bandwidth, memory, disk, CPU time and data structures are all targets of a DoS attack.
- Destroy or alter configuration information.

Contents
Part 2. Concepts
2.1. Classification
2.2. Forms of attack
a) Bandwidth consumption
b) Resource depletion
c) Typical attack mechanisms

2. Concepts
2.1. Classification

- DoS: a denial-of-service attack from one individual or a group of individuals.
- Distributed DoS (DDoS): an attack from a network of computers designed to attack one specific target.
- Distributed Reflective DoS (DRDoS): a combination of the two types, DoS and DDoS.

2.2. Forms of attack

a) Bandwidth consumption

Flood attack

- Directs the agents to send a large volume of traffic to the target's service system, overloading its bandwidth.

Amplification attack

- Directs the agents, or the client itself, to send messages to an IP broadcast address, causing every machine in that subnet to send messages to the target's service system.

b) Resource depletion

Protocol exploitation

- TCP SYN attack
- PUSH SYN/ACK attack
- etc.

Malformed packets:

- An attack that uses the agents to send packets with a non-standard structure in order to hang the victim's system.
- There are two types:
  - IP address.
  - IP packet options.

c) Typical attack mechanisms

Ping of Death

- Sends a series of IP packets with a large byte size to the victim system.

Teardrop:

- Sends packets with incorrect offset values to the victim machine.

BotNet:

- An attacker can control a large number of compromised computers from a remote station, exploit their bandwidth and send connection requests to the server.

Contents
Part 3. Factors in defending against DoS
3.1. Building and protecting the system
3.2. Responding to a DoS attack
3.3. The human factor

3. Factors in defending against DoS
3.1. Building and protecting the system

- Set up the system with security controls and a firewall, and establish management policies.
- Monitor access to the system.
- Use complex passwords (capital letters, symbols, etc.).
- Build the information system through multiple stages of monitoring and rigorous verification, covering both hardware and software.

3.2. Responding to a DoS attack

- Set up the system with security controls and a firewall, and establish management policies.
- Monitor access to the system.
- Use complex passwords (capital letters, symbols, etc.).
- Build the information system through multiple stages of monitoring and rigorous verification, covering both hardware and software.

3.3. The human factor

- Form an information security team responsible for handling harmful situations as they arise.
- DDoS is a destructive act that should be condemned, but at present we have no solution more effective than each person's own awareness.

DoS simulation
Tool interface
Flood Pro V1.1

Summary

- DoS attacks are, and will remain, a major threat to the global Internet.
- We must take more concrete and forceful steps to bring this type of attack under control together.
- Start Small
- Think Big!


Thanks for your attention!
