Trusted News Trader
© Where truth comes into play
TrustedNewsTrader.com
Trying to identify online saboteurs: The IP Traceback Problem.

wikipedia
IP traceback

snip

Trace-back of active attack flows

In this type of solution, an observer tracks an existing attack flow by examining incoming and outgoing ports on routers starting from the host under attack. Thus, such a solution requires having privileged access to routers along the attack path.

To bypass this restriction and automate this process, Stone proposes routing suspicious packets on an overlay network using ISP edge routers. By simplifying the topology, suspicious packets can easily be re-routed to a specialized network for further analysis.

This is an interesting approach. By nature of DoS, any such attack will be sufficiently long lived for tracking in such a fashion to be possible. Layer-three topology changes, while hard to mask to a determined attacker, have the possibility of alleviating the DoS until the routing change is discovered and subsequently adapted to. Once the attacker has adapted, the re-routing scheme can once again adapt and re-route; causing an oscillation in the DoS attack; granting some ability to absorb the impact of such an attack.



Uni Utah PDF IP Traceback

Uni LA PDF Single Package tracking



more links for PDFs

Forensic Approach

http://www.cs.wm.edu/~hnw/paper/tdsc.pdf
http://www.cs.utah.edu/~sramesh/attachments/ip_traceback.pdf
http://www.soi.wide.ad.jp/class/20020032/materials_for_student/14/030115-suguru-security2.pdf



interesting,
after each PDF download my browser crashed and had to be restarted,
monkeys at work?
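
The hop-by-hop trace described in the excerpt above, as an added example that is not part of the original post or the quoted article. The router names, interface names, packet counters and the 80% dominance threshold are all constructed assumptions standing in for counters read with privileged access to each router.

```python
from collections import Counter

# Constructed sample data: victim address, interface-to-neighbour map, per-router counters.
VICTIM = "203.0.113.10"
LINKS = {  # (router, ingress interface) -> upstream neighbour
    ("R1", "ge0"): "R2", ("R1", "ge1"): "R3",
    ("R2", "ge0"): "R4", ("R2", "ge1"): "R5",
    ("R3", "ge0"): "R5",
    ("R4", "ge0"): "EDGE:peer-A", ("R5", "ge0"): "EDGE:peer-B",
}
FLOWS = {  # router -> [(ingress interface, destination, packets)]
    "R1": [("ge0", VICTIM, 98000), ("ge1", VICTIM, 1200), ("ge1", "203.0.113.77", 40000)],
    "R2": [("ge0", VICTIM, 97500), ("ge1", VICTIM, 500)],
    "R3": [("ge0", VICTIM, 1200)],
    "R4": [("ge0", VICTIM, 97500)],
    "R5": [("ge0", VICTIM, 1700)],
}

def dominant_ingress(router, victim, flows, min_share=0.8):
    """Return the interface carrying at least min_share of packets to victim, else None."""
    counts = Counter()
    for iface, dst, pkts in flows.get(router, []):
        if dst == victim:
            counts[iface] += pkts
    total = sum(counts.values())
    if not total:
        return None
    iface, pkts = counts.most_common(1)[0]
    return iface if pkts / total >= min_share else None

def trace_back(first_hop, victim, flows, links):
    """Walk upstream from the victim's router; stop at an edge, a loop or an ambiguous hop."""
    path, node = [], first_hop
    while node in flows and node not in path:
        path.append(node)
        iface = dominant_ingress(node, victim, flows)
        if iface is None:
            return path, "ambiguous at " + node
        node = links.get((node, iface))
        if node is None:
            return path, "unmapped interface on " + path[-1]
        if node.startswith("EDGE:"):
            return path, node
    return path, "stopped at " + str(node)

if __name__ == "__main__":
    print(trace_back("R1", VICTIM, FLOWS, LINKS))
```

A hop where no single interface dominates is reported as ambiguous rather than guessed, which is where a distributed attack arriving over several upstream links ends this kind of trace.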


©2005-2019 BBS Network, Inc. | BBS Radio® | BBS Talk Radio™ | BBS® ALL RIGHTS RESERVED - If it's not mainstream, it's on BBS Radio®.