DDoS Self Defence presented at AUScert 2010

by Joe Stewart,

Summary : DDoS attacks allow someone to leverage a large number of computers against a target whose typical means of response is to shut down the affected services/systems or spend inordinate amounts of money and time working with ISPs and/or anti-DDoS vendors to quell the attack. Sometimes however, it is possible to diminish the effects on the target by leveraging properties of the protocols used in the attack to the advantage of the victim. This talk will detail one such method which is effective against many HTTP-based DDoS attacks, along with a guide to DDoS tools, DDoS bots and controllers, and how to identify and track them.
This talk is designed to convey specific information about DDoS tools and how to combat certain types of DDoS attacks.
After listening to this talk, attendees should be able to:
Enumerate the different types of DDoS tools in use today
Categorize an attack by examining request traffic
Fingerprint specific tools/trojans involved in an HTTP-based attack
Exploit some basic bugs in a few DDoS trojan web interfaces
Protect a network from most HTTP-based DDoS attacks