Chapter 4: Denying Service

There is no denying that without certain critical services working, the Internet would grind to a halt. Many users would suffer from degraded performance while others might simply experience a complete outage. Along with the DNS (Domain Name System), the NTP (Network Time Protocol) is key to the successful operation of the Internet. In this chapter, I'll spend some time describing how attackers might try to prevent critical services from working correctly.

Unfortunately for those who are responsible for keeping the Internet working, it's possible to attack large sections of the Internet's DNS and NTP infrastructure using a variety of methods. For example, DDoS (Distributed Denial of Service) attacks of the past were primarily designed to take an online service down or at least disrupt its users in a highly frustrating manner, possibly in order to gain a competitive advantage or receive payment of a ransom. Current thinking is that such attacks are now used as smoke screens to disguise other malicious security exploits.

One report, published in 2014 by Kaspersky Lab, estimated that small- to medium-sized businesses would spend around US$52,000 on a DDoS attack. That figure would rise to around US$444,000 for enterprises that experienced such attacks. When you factor in loss of reputation, customer ill will at having to use slow online services (if they were available at all), and payment transactions failing (which might require manual involvement ...
