CERT: 'Net infrastructure targeted for DoS attacks

Denial of Service attacks are still a major threat to the Internet and are becoming more serious as attackers are increasingly creating automated attack tools and focusing on network infrastructure such as routers, according to a new paper released this week by the U.S. government-funded Computer Emergency Response Team/Coordination Center (CERT/CC).

Denial of Service (DoS) attacks are those in which an attacker floods a target computer with false requests for information, overloading that system and keeping it from responding to legitimate requests for service. Distributed Denial of Service (DDoS) attacks perform the same actions, but do so using multiple computers worldwide to flood the target system.

DoS attacks are constantly evolving and are more automated, self-propagating and faster to deploy than ever before, according to paper authors Kevin Houle and George Weaver, both CERT/CC employees. A number of the most recent and high-profile worms, such as Code Red and Nimda, underscore this point, they wrote. These developments have led to a "steady increase in the ability for intruders to easily deploy large DDoS attack networks," they wroteBeyond automation and self-propagation, DoS attacks are increasingly focusing on routers -- hardware devices that help determine where traffic is sent on the Internet, according to the paper. Routers can be taken over as a result of poor configuration or administration, they wrote.

Router attacks are "of extreme concern" due to "the potential of routers being used for DoS attacks based on direct attacks against the routing protocols that interconnect the networks comprising the Internet," they wrote. Such an attack could potentially severely affect the travel of traffic on the Internet.

"We believe this to be an eminent and real threat with a potentially high impact," Houle and Weaver wrote.

Attackers are drawn to routers, according to Houle and Weaver, "because they are generally more a part of the network infrastructure than computer systems and thus may be 'safer' in the face of attacks from rival intruders."

Another new development in the evolution of DoS attacks are the means used to control them, the authors wrote. IRC (Internet Relay Chat) networks are now being seeded with "bots," or automated tools, to control DoS attacks, replacing the manual systems that were once used for attacks, they said. The use of IRC networks poses a particular challenge to those who would fight off DoS attacks, as these networks are public venues and can't necessarily be taken offline easily, Houle and Weaver wrote.

The authors also found that DoS attacks are increasingly being targeted against end users of the Windows operating system. End users have only rarely, if at all, been targets for DoS attacks in the past. Attackers are trying to exploit security holes in Windows, based on the perception that Windows users are generally less technologically savvy than other users, they wrote.

The authors did allow that there is "enough truth to the perception to provide a potential reason for the effectiveness of intruders specifically targeting Windows end-users." To combat these attacks, they suggested that users employ personal firewalls.

DoS and DDoS attacks are going to continue and going to evolve further, Houle and Weaver wrote. Though the purpose of their paper, they write, is more to highlight and discuss the issue, rather than solve it, they do "encourage Internet sites to carefully consider the trends ... discussed (in the paper) and evaluate how security policies, procedures and technologies may need to change in order to address the current trends in DoS attack technology."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Sam Costello

Show Comments

Brand Post

Bitdefender 2018

With determination and drive, you achieve outstanding performance! Get Bitdefender Total Security 2018 Now!

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?