Question
In: Computer Science
In order to implement a DNS amplification attack, the attacker must trigger the creation of a...
In order to implement a DNS amplification attack, the attacker
must trigger the creation of a sufficiently large volume of DNS
response packets from the intermediary to exceed the capacity of
the link to the target organization. Consider an attack where the
DNS response packets are 1000 bytes in size (ignoring framing
overhead).
a. How many of these packets per second must the attacker
trigger to flood a target organization using a 30-Mbps link? A
100-Mbps link? Or a 1-Gbps link?
b. If the DNS request packet to the intermediary is 60 bytes
in size, how much bandwidth does the attacker consume to send the
necessary rate of DNS request packets for each of these three
cases?
Solutions
Expert Solution
Size of DNS response packet = 1000 bytes = 8000 bits
(a) Let's find the packet rate for each of the links.
For 30 Mbps link, packet rate = 30000000 / 8000 = 3750 packets per second
For 100 Mbps link, packet rate = 100000000 / 8000 = 12,500 packets per second
For 1 Gbps link, packet rate = 1000000000 / 8000 = 125,000 packets per second
(b) Size of DNS request packet to the intermediary = 60 bytes = 60 * 8 = 480 bits
Now let's find the bandwidth for each of these links.
For the 30 Mbps links, we had 3750 packets per second. Bandwidth = 3750 * 480 = 1.8 Mbps
For the 100 Mbps links, we had 12,500 packets per second. Bandwidth = 12,500 * 480 = 6 Mbps
For the 1 Gbps links, we had 125,000 packets per second. Bandwidth = 125,000 * 480 = 60 Mbps
_______________________________________________________________
Let me know if you have any doubts in the comments. Please upvote if the answer helped you.
venereology answered 1 year agoRelated Solutions
In order to implement the classic DoS flood attack, the attacker must generate a sufficiently large...
In order to implement the classic DoS flood attack, the
attacker must generate a sufficiently large volume of packets to
exceed the capacity of the link to the target organization.
Consider an attack using ICMP echo request (ping) packets that are
500 bytes in size (ignoring framing overhead). How many of these
packets per second must the attacker send to flood a target
organization using a 30-Mbps link? How many per second if the
attacker uses a 100-Mbps link? Or...
in order to destroy a DNS server what kind of attack can you propose? discuss possible...
in order to destroy a DNS server what kind of attack can you
propose? discuss possible protections to your proposals
Network security question: what is dns? how does it work? identify the attack surface of dns....
Network security question:
what is dns? how does it work? identify the attack surface of dns.
clearly detail how the exploitable services of dns can be
attacked
Give three different techniques that an attacker can use to make a victim send DNS requests...
Give three different techniques that an attacker can use to make a
victim send DNS requests to domains chosen by the attacker.
Consider a distributed variant of the attack in the previous problem. Assume the attacker has compromised...
Consider a distributed variant of the attack in the previous
problem. Assume the attacker has compromised a number of
broadband-connected residential PCs to use as zombie systems. Also
assume each such system has an average uplink capacity of 512
kbps.
* a. What is the maximum number of 500-byte ICMP echo request
(ping) packets a single zombie PC can send per second?
* b. How many such zombie systems would the attacker need to
flood a target organization using a...
Using a TCP SYN spoofing attack, the attacker aims to flood the table of TCP connection...
Using a TCP SYN spoofing attack, the attacker aims to flood
the table of TCP connection requests on a system so that it is
unable to respond to legitimate connection requests. Consider a
server system with a table for 256 connection requests. This system
will retry sending the SYN-ACK packet five times when it fails to
receive an ACK packet in response, at 30 second intervals, before
purging the request from its table. Assume that no additional
countermeasures are used...
Using a TCP SYN spoofing attack, the attacker aims to flood the table of TCP connection...
Using a TCP SYN spoofing attack, the attacker aims to flood the
table of TCP connection requests on a system so that it is unable
to respond to legitimate connection requests. Consider a server
system with a table for 256 connection requests. This system will
retry sending the SYN-ACK packet five times when it fails to
receive an ACK packet in response, at 30 second intervals, before
purging the request from its table. Assume that no additional
countermeasures are used...
Implement a stored procedure to handle a complete transaction. Also implement a trigger to validate data...
Implement a stored procedure to handle a complete transaction.
Also implement a trigger to validate data before a transaction is
permitted to execute.
Schema:
Customer Table
CustomerID (PK).
FirstName (NOT NULL).
LastName (NOT NULL).
Address.
City.
State.
Zip.
Country.
Phone.
Email (UNIQUE and NOT NULL).
Username (UNIQUE and NOT NULL).
Password (NOT NULL).
Order Table
OrderID (PK).
CustomerID (FK).
OrderDate.
ShipDate.
Order Detail Table
OrderDetailID (PK).
OrderID (FK).
ProductID (FK).
Price.
Quantity (CHECK > 0).
Product Table
ProductID (PK).
CategoryID...
What is a DNS cache poisoning attack, and how does it affect a network client? How...
What is a DNS cache poisoning attack, and how does it affect a
network client?
How does the Response Rate Limiting role feature mitigate a DNS
amplification attack?
What are the two keys that must be generated if you want to
secure a zone with a digital signature? What is the purpose of
each?
What is DNS delegated administration, why might you want to use
it, and how do you configure it?
How are trust anchors distributed?
A successful attack to the Internet DNS would be devastating. Explain what type of attacks can...
A successful attack to the Internet DNS would be devastating.
Explain what type of attacks can be made towards DNS. Why, to-date,
such attacks in practice have not been successful? In your answer,
you should consider caching in particular. Why such technique has
not only proven to provide better performance, which is its
original goal, but also protection against security attacks.
ADVERTISEMENT
ADVERTISEMENT
Latest Questions
- Suppose a company is looking to hedge a risk in the derivatives market. What, fundamentally, is...
- Training and Development assignment. Describe the usage of Computer Based Training (CBT) in McDonald's Company training...
- PUT IN JAVA PROGRAMMING LANGUAGE The Rectangle class: Design a class named Rectangle to represent a...
- Journal article summary on inter-group conflict Peer Reviewed Journal article from past 3 years. Please include...
- "Ethical Considerations" Please respond to the following: Reflect upon the responsibilities placed on auditors by the...
- A Japanese company has a bond outstanding that sells for 93 percent of its ¥100,000 par...
- What is the difference among the principles of modularization, abstraction, encapsulation, and separation of interface and...
ADVERTISEMENT