Troubleshooting Network Threats: 
DDoS Attacks, DNS Poisoning 
and BGP Hijacks 
Mohit Lad 
CEO, ThousandEyes
1 
About ThousandEyes 
What We Do
• Network performance management designed for today’s dynamic and complex networks
• Used by 4 of the world’s top banks
• Founded in 2010 with an HQ in San Francisco CA and a London office
• Recognized by Gartner and EMA
Our Customers’ Stories
• Reduced time to troubleshoot globally load balanced infrastructure
• Solved multi-week support issue due to an ISP cable cut in Asia
• Improved customer experience during the Brazil World Cup
2 
Today’s Cyber Threat Landscape 
• Increasing size, frequency and severity of attacks 
• Exposure via external vendors (DNS, CDN, ISPs) 
• Greater complexity of corporate networks 
• Increasing importance of network for business operations
3 
More Networks Connected to the Internet 
Source: CIDR Report 
Global Routing Table Growth
4 
More Devices Connected to the Internet 
Source: Akamai State of the Internet Reports, Q2 2010-14; Akamai blog 
[Chart: Unique IP Addresses Observed, in millions, IPv4 and IPv6, 2007 to 2014]
5 
Size of DDoS Attacks Increasing 50% YoY 
Source: Verizon Data Breach Report 2014
6 
Major DDoS Attacks in 2014 
Attack Volume Rising
[Chart: attack volume by quarter, Q4 12 to Q2 14]
Major Attacks in 2014
• February: Bitstamp
• April: UltraDNS
• August: PlayStation Network, Blizzard
Source: Akamai State of the Internet Q2 2014
7 
Three Network Security Threats We’ll Cover 
• BGP Hijacks
• DDoS Attacks
• DNS Poisoning
BGP Hijacks
9 
A Primer on BGP Hijacks 
[Diagram labels: AS 14340 Salesforce; AS 2914 NTT; AS 3356 Level3; AS 7018 AT&T; AS 4761 Indosat. Legend: Autonomous System, Border Router, Traffic Path]
• Salesforce advertises routes among BGP peers to upstream ISPs
• Salesforce.com advertises prefix 96.43.144.0/22
• AT&T receives route advertisements to Salesforce via Level3 and NTT
10 
A Primer on BGP Hijacks 
[Diagram labels: AS 14340 Salesforce; AS 2914 NTT; AS 3356 Level3; AS 7018 AT&T; AS 4761 Indosat. Legend: Traffic Path]
• Indosat also advertises prefix 96.43.144.0/22, ‘hijacking’ Salesforce’s routes
• AT&T now directs Salesforce-destined traffic to Indosat
11 
BGP Hijack: Normal Routes to PayPal 
PayPal / Akamai prefix
Akamai Autonomous System
Comcast upstream
12
BGP Hijack: Routes Advertised from Indosat
PayPal / Akamai prefix
Correct Autonomous System
Hijacked Autonomous System
Locations with completely hijacked routes
13 
BGP Hijack: PCCW Has No Routes to PayPal 
PCCW Network only connected to Indosat
Not to Akamai / PayPal
14
BGP Hijack: Causing All Traffic to Drop
Traffic transiting PCCW has no routes and terminates
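The routing check behind these slides, as an added example that is not part of the original deck: it flags announcements of a monitored prefix with an unexpected origin AS, flags more-specific prefixes inside it, and marks which monitoring points see only hijacked routes. The prefix 96.43.144.0/22, AS 14340 and AS 4761 come from the primer slides; the vantage names, the documentation ASNs 64496 and 64500, and every announcement in `SAMPLE` are constructed.

```python
"""Added example: audit BGP announcements for a monitored prefix."""
import ipaddress
from dataclasses import dataclass

# Prefix and origin AS come from the primer slides; the watch list format is
# an assumption made for this example.
MONITORED = {ipaddress.ip_network("96.43.144.0/22"): {14340}}


@dataclass(frozen=True)
class Announcement:
    vantage: str     # hypothetical monitoring point that heard the route
    prefix: str      # announced prefix
    as_path: tuple   # ASNs as received, origin AS last


# Constructed sample data. AS 64496 and AS 64500 are documentation ASNs.
SAMPLE = [
    Announcement("vp-chicago", "96.43.144.0/22", (7018, 3356, 14340)),
    Announcement("vp-london", "96.43.144.0/22", (2914, 14340)),
    Announcement("vp-london", "96.43.144.0/22", (7018, 4761)),
    Announcement("vp-tokyo", "96.43.144.0/22", (7018, 4761)),
    Announcement("vp-sydney", "96.43.144.0/24", (3356, 64500)),
    Announcement("vp-atlanta", "96.43.146.0/24", (3356, 14340)),
    Announcement("vp-atlanta", "198.51.100.0/24", (64496,)),
]


def origin_of(as_path):
    """The origin AS is the right-most ASN in the path."""
    return as_path[-1]


def classify(ann, monitored=MONITORED):
    """Return (verdict, covering_prefix) for one announcement.

    Verdicts: unrelated, ok, origin_change, more_specific,
    more_specific_origin_change.
    """
    net = ipaddress.ip_network(ann.prefix)
    origin = origin_of(ann.as_path)
    for mon, origins in monitored.items():
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if net.version != mon.version or not net.subnet_of(mon):
            continue
        legit = origin in origins
        if net == mon:
            return ("ok" if legit else "origin_change", mon)
        # A longer prefix inside the block wins longest-prefix match, so it
        # is reported even when the origin is the expected one.
        return ("more_specific" if legit else "more_specific_origin_change", mon)
    return ("unrelated", None)


def audit(announcements, monitored=MONITORED):
    """Map (verdict, prefix, origin AS) to the vantages that reported it."""
    alerts = {}
    for ann in announcements:
        verdict, _ = classify(ann, monitored)
        if verdict in ("ok", "unrelated"):
            continue
        key = (verdict, ann.prefix, origin_of(ann.as_path))
        alerts.setdefault(key, []).append(ann.vantage)
    return alerts


def vantage_status(announcements, monitored=MONITORED):
    """Per vantage: clean, partial, or hijacked (every route it holds for the
    monitored block has an unexpected origin)."""
    seen = {}
    for ann in announcements:
        verdict, _ = classify(ann, monitored)
        if verdict == "unrelated":
            continue
        seen.setdefault(ann.vantage, []).append(verdict.endswith("origin_change"))
    status = {}
    for vantage, flags in seen.items():
        if all(flags):
            status[vantage] = "hijacked"
        elif any(flags):
            status[vantage] = "partial"
        else:
            status[vantage] = "clean"
    return status


if __name__ == "__main__":
    for key, vantages in audit(SAMPLE).items():
        print(key, vantages)
    print(vantage_status(SAMPLE))
```

A more-specific announcement from the expected origin can be legitimate traffic engineering, so it is reported under its own verdict rather than as a hijack.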
DDoS Attacks
16 
Network Topology of a DDoS Attack 
Attackers flood your web service from around the world
[Diagram labels: Sydney; Portland, OR; London; Chicago, IL; Tokyo; Atlanta; YourBank.com. Zones: Internet, Enterprise]
17 
DDoS Mitigation Strategy 1: On-Premises 
Appliance at network edge monitors and mitigates application-layer attacks
[Diagram labels: Sydney; Portland, OR; London; Chicago, IL; Tokyo; Atlanta; YourBank.com. Zones: Internet, On-Premises DDoS Mitigation Appliance, Enterprise]
18 
DDoS Mitigation Strategy 2: ISP Collaboration 
Attack traffic is routed by ISPs to a remote-triggered black hole
[Diagram labels: Sydney; Portland, OR; London; Chicago, IL; Tokyo; Atlanta; ISP 1; ISP 2; YourBank.com. Zones: Internet, Remote-Triggered Black Hole, Enterprise]
19 
DDoS Mitigation Strategy 3: Cloud-Based 
Traffic is rerouted, using DNS or BGP, to cloud-based scrubbing centers and ‘real’ traffic is routed back to your network
[Diagram labels: Sydney; Portland, OR; London; Chicago, IL; Tokyo; Atlanta; YourBank.com. Zones: Internet, Scrubbing Center, Enterprise]
20 
Why Monitor DDoS Attacks 
• Global Availability
• Mitigation Deployment
• Mitigation Performance
• Vendor Collaboration
21 
DDoS Attack: Drop in Global Availability 
Problems at TCP connection and HTTP receive phases
Global availability issues
Availability dip to 0%
22 
DDoS Attack: Increased Packet Loss and Latency 
Loss, latency and jitter
Loss during height of attack
23 
DDoS Attack: Congested Nodes in Upstream ISPs 
Nodes with >25% packet loss
Packet loss in upstream ISPs Verizon and AT&T
HSBC bank website under attack
High packet loss from all testing points
24 
DDoS Attack: Mitigation Effectiveness 
Verisign DDoS mitigation networks in yellow
25 
DDoS Attack: Mitigation Handoff Using BGP 
New Autonomous System (VeriSign)
Prior Autonomous System (HSBC)
HSBC prefix 
New routes 
Withdrawn routes
DNS Cache Poisoning
27 
DNS Cache Poisoning 
[Diagram labels: User; Local DNS Cache; Attacker; Attacker DNS Server dns.attack.com; Authoritative DNS Server dns.website.com; www.attack.com; www.website.com]
Unsecured DNS server, no DNSSEC, no port randomization
1. Attacker inserts a false record into the DNS cache
2. User requests DNS record for www.website.com
3. Looks up record on spoofed name server
4. User accesses spoofed URL
28 
Blocking Facebook in China 
DNS availability in China <10%
29 
Redirecting Facebook to Alternate IP Addresses 
Facebook is typically routed to 173.252.110.27, except in China
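The comparison these two slides rely on, as an added example that is not part of the original deck: DNS answers collected from several vantage points are checked against a baseline, giving per-region availability and the unexpected addresses that recur across vantages. The address 173.252.110.27 is the one on the slide; the query name, vantage names, region codes and all observations (including the documentation addresses 203.0.113.10 and 198.51.100.7) are constructed.

```python
"""Added example: compare DNS answers from many vantage points to a baseline."""
import ipaddress
from collections import Counter, defaultdict

# Baseline: the address the slide gives for Facebook. The query name is an
# assumption; a real baseline would list every range the owner serves from.
QNAME = "www.facebook.com"
BASELINE = {QNAME: [ipaddress.ip_network("173.252.110.27/32")]}

# Constructed observations: (vantage, region, qname, rcode, answers)
OBSERVATIONS = [
    ("vp-portland", "US", QNAME, "NOERROR", ["173.252.110.27"]),
    ("vp-london", "UK", QNAME, "NOERROR", ["173.252.110.27"]),
    ("vp-tokyo", "JP", QNAME, "NOERROR", ["173.252.110.27"]),
    ("vp-cn-1", "CN", QNAME, "NOERROR", ["203.0.113.10"]),
    ("vp-cn-2", "CN", QNAME, "NOERROR", ["203.0.113.10"]),
    ("vp-cn-3", "CN", QNAME, "TIMEOUT", []),
    ("vp-cn-4", "CN", QNAME, "NOERROR", ["198.51.100.7", "173.252.110.27"]),
]


def in_baseline(qname, addr, baseline=BASELINE):
    """True if addr falls inside any network expected for qname."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in baseline[qname])


def verdict(qname, rcode, answers, baseline=BASELINE):
    """Classify one response as ok, no_answer or unexpected_answer."""
    if rcode != "NOERROR" or not answers:
        return "no_answer"
    # A single address outside the baseline taints the whole answer set.
    if all(in_baseline(qname, a, baseline) for a in answers):
        return "ok"
    return "unexpected_answer"


def region_report(observations, baseline=BASELINE):
    """Per region: availability, unexpected addresses, and repeat offenders."""
    stats = defaultdict(lambda: {"total": 0, "ok": 0, "foreign": Counter()})
    for _vantage, region, qname, rcode, answers in observations:
        entry = stats[region]
        entry["total"] += 1
        result = verdict(qname, rcode, answers, baseline)
        if result == "ok":
            entry["ok"] += 1
        elif result == "unexpected_answer":
            for addr in answers:
                if not in_baseline(qname, addr, baseline):
                    entry["foreign"][addr] += 1
    report = {}
    for region, entry in stats.items():
        report[region] = {
            "availability": entry["ok"] / entry["total"],
            "foreign": dict(entry["foreign"]),
            # The same wrong address from two or more vantages suggests a
            # shared cause rather than one misbehaving resolver.
            "suspect": sorted(a for a, n in entry["foreign"].items() if n >= 2),
        }
    return report


if __name__ == "__main__":
    for region, row in region_report(OBSERVATIONS).items():
        print(region, row)
```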
30
Key Capabilities to Monitor Network Security
Get global visibility
• Understand network topology and dependencies
• Focus on critical network services
Alert on routing to your network
• Reachability to your address blocks
• Path changes and more specific prefixes upstream
Track efficacy of external services
• DNS, CDN and hosting providers
• DDoS mitigation vendors and ISPs
Implement DNSSEC
• Prevent cache poisoning on your resolvers
• Monitor for poisoning of your records on other networks
It’s time to see the entire picture.

Similar to FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and BGP Hijacks

New ThousandEyes Product Features and Release Highlights: February 2024
 

FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and BGP Hijacks

  • 1. Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and BGP Hijacks. Mohit Lad, CEO, ThousandEyes
  • 2. About ThousandEyes. What We Do: Network performance management designed for today’s dynamic and complex networks; Used by 4 of the world’s top banks; Founded in 2010 with an HQ in San Francisco CA and a London office; Recognized by Gartner and EMA. Our Customers’ Stories: Reduced time to troubleshoot globally load balanced infrastructure; Solved multi-week support issue due to an ISP cable cut in Asia; Improved customer experience during the Brazil World Cup
  • 3. Today’s Cyber Threat Landscape: Increasing size, frequency and severity of attacks; Exposure via external vendors (DNS, CDN, ISPs); Greater complexity of corporate networks; Increasing importance of network for business operations
  • 4. More Networks Connected to the Internet. [Chart: Global Routing Table Growth.] Source: CIDR Report
  • 5. More Devices Connected to the Internet. [Chart: Unique IP Addresses Observed, in millions, IPv4 and IPv6, 2007 to 2014.] Source: Akamai State of the Internet Reports, Q2 2010-14; Akamai blog
  • 6. Size of DDoS Attacks Increasing 50% YoY. Source: Verizon Data Breach Report 2014
  • 7. Major DDoS Attacks in 2014. [Chart: Attack Volume Rising, Q4 12 to Q2 14.] Major Attacks in 2014: February: Bitstamp; April: UltraDNS; August: PlayStation Network, Blizzard. Source: Akamai State of the Internet Q2 2014
  • 8. Three Network Security Threats We’ll Cover: BGP Hijacks, DDoS Attacks, DNS Poisoning
  • 10. A Primer on BGP Hijacks. [Diagram: autonomous systems AS 14340 Salesforce, AS 2914 NTT, AS 3356 Level3, AS 7018 AT&T and AS 4761 Indosat, with border routers and the traffic path.] Salesforce advertises routes among BGP peers to upstream ISPs. Salesforce.com advertises prefix 96.43.144.0/22. AT&T receives route advertisements to Salesforce via Level3 and NTT.
  • 11. A Primer on BGP Hijacks. [Diagram: AS 14340 Salesforce, AS 2914 NTT, AS 3356 Level3, AS 7018 AT&T and AS 4761 Indosat, with the traffic path.] Indosat also advertises prefix 96.43.144.0/22, ‘hijacking’ Salesforce’s routes. AT&T now directs Salesforce-destined traffic to Indosat.
  • 12. BGP Hijack: Normal Routes to PayPal. [Screenshot labels: PayPal / Akamai prefix; Akamai Autonomous System; Comcast upstream.]
  • 13. BGP Hijack: Routes Advertised from Indosat. [Screenshot labels: PayPal / Akamai prefix; Correct Autonomous System; Hijacked Autonomous System; Locations with completely hijacked routes.]
  • 14. BGP Hijack: PCCW Has No Routes to PayPal. PCCW Network only connected to Indosat, not to Akamai / PayPal.
  • 15. BGP Hijack: Causing All Traffic to Drop. Traffic transiting PCCW has no routes and terminates.
  • 17. Network Topology of a DDoS Attack. Attackers flood your web service from around the world. [Diagram: Sydney; Portland, OR; London; Chicago, IL; Tokyo; Atlanta; Internet; Enterprise; YourBank.com.]
  • 18. DDoS Mitigation Strategy 1: On-Premises. Appliance at network edge monitors and mitigates application-layer attacks. [Diagram: Sydney; Portland, OR; London; Chicago, IL; Tokyo; Atlanta; Internet; Enterprise; YourBank.com; On-Premises DDoS Mitigation Appliance.]
  • 19. DDoS Mitigation Strategy 2: ISP Collaboration. Attack traffic is routed by ISPs to a remote-triggered black hole. [Diagram: Sydney; Portland, OR; London; Chicago, IL; Tokyo; Atlanta; ISP 1; ISP 2; Internet; Enterprise; YourBank.com; Remote-Triggered Black Hole.]
  • 20. DDoS Mitigation Strategy 3: Cloud-Based. Traffic is rerouted, using DNS or BGP, to cloud-based scrubbing centers and ‘real’ traffic is routed back to your network. [Diagram: Sydney; Portland, OR; London; Chicago, IL; Tokyo; Atlanta; Internet; Enterprise; YourBank.com; Scrubbing Center.]
  • 21. Why Monitor DDoS Attacks: Global Availability; Mitigation Deployment; Mitigation Performance; Vendor Collaboration
  • 22. DDoS Attack: Drop in Global Availability. [Screenshot labels: Problems at TCP connection and HTTP receive phases; Global availability issues; Availability dip to 0%.]
  • 23. DDoS Attack: Increased Packet Loss and Latency. [Screenshot labels: Loss, latency and jitter; Loss during height of attack.]
  • 24. DDoS Attack: Congested Nodes in Upstream ISPs. [Screenshot labels: Nodes with >25% packet loss; Packet loss in upstream ISPs Verizon and AT&T; HSBC bank website under attack; High packet loss from all testing points.]
  • 25. DDoS Attack: Mitigation Effectiveness. [Screenshot label: Verisign DDoS mitigation networks in yellow.]
  • 26. DDoS Attack: Mitigation Handoff Using BGP. [Screenshot labels: New Autonomous System (VeriSign); Prior Autonomous System (HSBC); HSBC prefix; New routes; Withdrawn routes.]
  • 28. DNS Cache Poisoning. [Diagram: User; Local DNS Cache; Authoritative DNS Server dns.website.com; www.website.com; Attacker; Attacker DNS Server dns.attack.com; www.attack.com.] Unsecured DNS server, no DNSSEC, no port randomization. Steps: 1. Attacker inserts a false record into the DNS cache; 2. User requests DNS record for www.website.com; 3. Looks up record on spoofed name server; 4. User accesses spoofed URL
  • 29. Blocking Facebook in China. DNS availability in China <10%
  • 30. Redirecting Facebook to Alternate IP Addresses. Facebook is typically routed to 173.252.110.27, except in China
  • 31. Key Capabilities to Monitor Network Security. Get global visibility: Understand network topology and dependencies; Focus on critical network services. Alert on routing to your network: Reachability to your address blocks; Path changes and more specific prefixes upstream. Track efficacy of external services: DNS, CDN and hosting providers; DDoS mitigation vendors and ISPs. Implement DNSSEC: Prevent cache poisoning on your resolvers; Monitor for poisoning of your records on other networks
  • 32. It’s time to see the entire picture.
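
The "Alert on routing to your network" capability from slide 31, applied to the Salesforce/Indosat scenario of slides 10 and 11, as an added example that is not from the slides or from ThousandEyes. The prefix and the AS numbers 14340, 2914, 3356, 7018 and 4761 come from the slides; the update feed format, the function names and the AS 64500/64501 entries are constructed assumptions.

```python
import ipaddress

# Policy taken from slide 10: Salesforce (AS 14340) originates 96.43.144.0/22
# and is reached through NTT (AS 2914) and Level3 (AS 3356).
MONITORED = {
    ipaddress.ip_network("96.43.144.0/22"): {"origin": 14340, "upstreams": {2914, 3356}},
}

def collapse(path):
    """Drop AS-path prepending (consecutive repeats of one ASN)."""
    out = []
    for asn in path:
        if not out or out[-1] != asn:
            out.append(asn)
    return out

def classify(prefix, as_path):
    """Return alert strings for one announcement; an empty list means clean.
    AS_SET segments are not handled in this sketch."""
    net = ipaddress.ip_network(prefix)
    path = collapse(as_path)
    if not path:
        return []
    origin = path[-1]                          # rightmost ASN originated the route
    upstream = path[-2] if len(path) > 1 else None
    alerts = []
    for owned, policy in MONITORED.items():
        # Only announcements equal to or inside a monitored block matter here.
        if net.version != owned.version or not net.subnet_of(owned):
            continue
        if net.prefixlen > owned.prefixlen:
            # Longest-prefix match means a more-specific wins over the owner's route.
            alerts.append(f"MORE_SPECIFIC {net} inside {owned} from AS{origin}")
        if origin != policy["origin"]:
            alerts.append(f"ORIGIN_CHANGE {net} AS{policy['origin']} -> AS{origin}")
        elif upstream is not None and upstream not in policy["upstreams"]:
            alerts.append(f"PATH_CHANGE {net} via unexpected upstream AS{upstream}")
    return alerts

# Constructed sample feed: (vantage point, prefix, AS path as seen from AT&T, AS 7018).
UPDATES = [
    ("att", "96.43.144.0/22", [7018, 3356, 14340]),        # normal, via Level3
    ("att", "96.43.144.0/22", [7018, 2914, 2914, 14340]),  # normal, NTT with prepending
    ("att", "96.43.144.0/22", [7018, 4761]),               # slide 11: Indosat originates it
    ("att", "96.43.146.0/24", [7018, 64500]),              # constructed more-specific
    ("att", "96.43.144.0/22", [7018, 64501, 14340]),       # constructed new upstream
    ("att", "198.51.100.0/24", [7018, 64500]),             # unrelated prefix, ignored
]

def scan(updates):
    """Classify every update and return (vantage, alert) pairs."""
    return [(vp, alert) for vp, prefix, path in updates for alert in classify(prefix, path)]

if __name__ == "__main__":
    for vp, alert in scan(UPDATES):
        print(vp, alert)
```
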