Craig A. Huegen <chuegen@cisco.com>
Network-Based Denial of Service Attacks
NANOG 13     2
Trends
•
•Significant increase in network-based Denial-of-Service attacks over the last year
Attackers’ growing accessibility to networks
Growing number of organizations connected to networks
•Vulnerability
Most networks have not implemented spoof prevention filters
Very little protection currently implemented against attacks
•







•Growing accessibility to public and private networks has produced a large increase in network-based Denial of Service attacks within the past year.
•With the growing number of organizations accessing public networks (such as the Internet), the number of attack targets increases.
•Many networks are still vulnerable to attacks.  In smaller organizations, the network administration may not have sufficient resources to dedicate to security.
•Many organizations have not protected their networks from packets with faked source addresses, called “spoofs”, due to issues such as equipment age or capability, access control list (ACL) management capabilities, etc.