Index
D-WARD
Daemons. [See agents, handlers, stepping stones.]
Damages. [See also cost of attacks.] aggregating cost-estimation model estimating hidden costs ICAMP (Incident Cost Analysis and Modeling Project) IRC (Internet Relay Chat) loss, definition 2nd trigger for federal statutes United States v. Middleton
Data, as property
Datagrams. [See packets.]
DDoS (distributed denial of service). [See also attacks, DoS.] benefits for the attacker definition extortion trend goals history of. [See evolution of DoS attacks.] postal analogy prognosis
DefCOM
Defense approaches. [See also tools.] attack detection. [See attack detection.] attack response. [See attack response.] building secure systems characterization charges for packet sending collateral damage complete deployment completeness contiguous deployment costs deployment at specified points deployment patterns effectiveness false negatives firewalls false positives general strategy goals hardening incident response life cycle large scale, widespread deployment modification of protocols NAT (Network Address Translation) box obstacles ongoing attacks as a source as a target backscatter traceback BGP-speaking routers black hole routes filtering hardcoded IP addresses liability issues sinkhole networks overview 2nd post-mortem analysis preparation attack response automatic response closing unneeded ports compartmentalizing your network costs critical versus non-critical services custom defense systems disabling unneeded services discovering active services disk I/O performance end host vulnerability estimating damage costs fault-tolerance filtering incoming traffic hiding identifying bottlenecks incident response life cycle ingress/egress filtering insurance coverage ISP agreements 2nd MAC (mandatory access control) manual response memory utilization network I/O performance network risk assessment number of server processes overprovisioning 2nd processor utilization risk assessment scalability securing end hosts segregated services swapping/paging activity system tuning protection attack prevention endurance approach host vulnerabilities hygiene network organization packet filtering reaction 2nd research ACC (aggregate congestion control) Bloom filters client legitimacy congestion signatures connection depletion attacks COSSACK (COordinated Suppression of Simultaneous AttaCKs) D-WARD DefCOM detection and control of attacks entropy principle flash crowds flooding-style attacks 2nd hash-based traceback HCF (Hop-Count Filtering) locality principle NetBouncer Pi filtering PPM (probabilistic packet marking) prognosis proof of work pushback rate limiting 2nd SIFF SOS (Secure Overlay Services) source-based defense SPIE (source path isolation engine) SPIEDER target-based defense target-resident DoS filters traceback serving legitimate traffic social challenges source validation hiding one-way functions proof of work resource allocation reverse Turing test TCP SYN cookie approach trapdoor functions technical challenges throttling packet flow wide deployment, requirements
Defense locations in the middle multiple locations near the attacker near the target tragedy of the commons
Defense strategies. [See defense approaches, prevention, detection, reaction.]
Degradation of service
Deloder worm
DeMilitarized Zone (DMZ). [See DMZ.]
Denial of service (DoS). [See DoS (denial of service).]
"Denial-of-Service Developments," (CA-2000–01)
"Denial-of-Service Tools," (CA-1999–17)
Department of Justice Cybercrime Web site
Deployment patterns
Detection. [See also attack detection.] anomalies definition description general defense strategy misbehavior of DoS tools signatures
"Developing an Effective Incident Cost Analysis Mechanism,"
Dietrich, Sven DDoS analysis history of DoS mstream analysis 2nd 3rd 4th 5th 6th Shaft analysis 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th Stacheldraht analysis 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th tool analysis
Direct commands
Disabling unneeded services
Disclosure versus nondisclosure
Discovering active services
Disk I/O performance
Distributed computing, evolution of
Distributed denial of service (DDoS). [See DDoS (distributed denial of service), DoS.]
"Distributed Denial of Service Tools" (IN-99–04)
"Distributed Denial of Service Tools" (Sun Bulletin #00193)
Distributed System Intruder Tools (DSIT) Workshop 2nd 3rd 4th 5th
Dittrich, David "Active Response to Computer Intrusions," "Basic Steps in Forensic Analysis of UNIX Systems," DDoS analysis DDoS Web page "Developing an Effective Incident Costs Analysis Mechanism," host-and-network-oriented scanners IDS signatures mstream analysis 2nd 3rd 4th 5th 6th "Power bot" analysis rootkit FAQ Shaft analysis 2nd 3rd 4th 5th 6th 7th Stacheldraht analysis 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th tcpdstat modifications TFN analysis tool analysis 2nd trinoo analysis
DMZ (DeMilitarized Zone) description filtering 2nd traffic capture
DNS (Domain Name Service) definition false requests, evolution of
Don't Panic
DoS (denial of service). [See also attacks.] definition goals history of. [See Internet; evolution.] postal analogy
DoS programs
Dropping legitimate packets
Dshield
DSIT (Distributed System Intruder Tools) Workshop 2nd 3rd 4th
Dual criminality