Sciweavers

LISA
2000

Tracing Anonymous Packets to Their Approximate Source

Most denial-of-service attacks are characterized by a flood of packets with random, apparently valid source addresses. These addresses are spoofed, created by a malicious program running on an unknown host, and carried by packets that bear no clues that could be used to determine their originating host. Identifying the source of such an attack requires tracing the packets back to the source hop by hop. Current approaches for tracing these attacks require the tedious continued attention and cooperation of each intermediate Internet Service Provider (ISP). This is not always easy given the world-wide scope of the Internet. We outline a technique for tracing spoofed packets back to their actual source host without relying on the cooperation of intervening ISPs. First, we map the paths from the victim to all possible networks. Next, we locate sources of network load, usually hosts or networks offering the UDP chargen service [5]. Finally, we work back through the tree, loading lines or ro...
Hal Burch, Bill Cheswick
Added: 01 Nov 2010
Updated: 01 Nov 2010
Type: Conference
Year: 2000
Where: LISA
Authors: Hal Burch, Bill Cheswick