Internet - Tracing the Source of Denial of Service Attacks :: Exploratory Essays Research Papers

Tracing the Source of Denial of Service Attacks Abstract Denial of service of process attacks are becoming increasingly prevalent and serious, further the anonymity that these attacks affords the hacker provides no means for a victim to trace the attack. The weakness of the TCP/IP protocol allows for this anonymity, yet it would be very tricky to change this protocol. Savage, Wetherall, Karlin, and Anderson present a method for tracing back the source IP address and network path of refutation of service attacks. As the mesh becomes increasingly vital to the everyday life of millions of people around the world, it also becomes increasingly vulnerable to hackers. Through forcing servers or web sites to shut down, hackers have the major power to affect almost every aspect of modern society finances, safety, education, and many others. One common method used by hackers to maliciously affect these servers is the denial of service attack. Savage, Wetherall, Karlin, and Anderson de fine a denial of service attacks as those that consume the resources of a remote host or network, thereby denying or degrading service to legitimate users. Such attacks are among the hardest security problems to address because they are simple to implement, difficult to prevent, and very difficult to trace.1 Denial of service attacks, and the means for servers to vie with and trace such attacks, present numerous ethical issues. The Computer Emergency Response Team, CERT, is a group based at Carnegie Mellon University. CERT describes their goal as to field Internet security vulnerabilities, provide incident response services to sites that have been the victims of attack, publish a variety of security alerts, do research in wide-area-networked computing, and break down information and training to help you improve security at your site. 2 This simple description presents an ethical dilemma should this team publish information roughly new vulnerabilities that pull up stakes provid e hackers with the sources from which to create new DOS attacks? As new software packages are developed at an increasing rate, there will inevitably be more bugs that will provide vulnerabilities to DOS attacks. If hackers have equal access to information about these vulnerabilities as do system administrators, fag end the system administrators keep up with the hackers? A fairly simple observation seems to answers this question. In modern society, it is increasingly difficult to keep secrets. For example, a few historic period ago, Intel encountered a bug in the Pentium chip, but did not release information about this bug.