기술문서 DDos 공격대응 가이드
2017.08.25 17:57
DDos 공격대응 가이드
1. DDoS 공격대응 개요 ·································4
2. DDoS 공격대응 절차 ·································5
(1단계) 공격의 인지 ··············································5
(2단계) 공격유형 파악 ············································7
(3단계) 차단정책 정의 및 대응 ···································13
(4단계) 공격대응 및 사후조치 ····································16
(추가사항) DNS 공격대응 방안 ···································17
[별첨1] DDoS 공격대응 매뉴얼 ·························19
[별첨2] DDoS 공격차단을 위한 장비 및 현황 ············21
[별첨3] DDoS 공격유형 분류 및 설명 ···················23
1. DDoS 공격유형 분류 ··········································23
2. UDP/ICMP Traffic Flooding 공격 ·······························24
3. TCP Traffic Flooding 공격 ·····································25
4. IP Flooding 공격 ··············································27
5. HTTP Traffic Flooding 공격 ····································28
6. HTTP Header/Option Spoofing Flooding 공격 ···················31
7. 기타 서비스 마비공격 ·········································37
[별첨4] 주요 DDoS 공격유형별 대응방안 ················43
1. UDP/ICMP Traffic Flooding 공격방어 ···························43
2. SYN Flooding 공격방어 ·······································44
3. GET Flooding 공격방어 ·······································45
4. GET with Cache-Control 공격방어 ······························47
5. HTTP Continuation Data Flooding 공격방어 ·····················48
6. TCP Session 공격방어 ········································49
7. URL Redirect 우회 공격방어 ···································50
8. Slow HTTP POST 공격방어 ···································50
9. DNS 공격방어 ················································52
10. Hash DoS 공격방어 ··········································53
11. Hulk DoS 공격방어 ··········································54
[별첨5] 주요 DDoS 공격도구 분석결과 ··················56
- R.U.D.Y 기반의 Slow POST 공격분석 ···························56
- HTTP DoS Tool 기반의 Slow POST 공격분석 ···················63
- DRDoS (Distributed Reflection DoS) 공격분석 ····················71
- Anonymous WebLoic 공격도구분석 ······························73
- Hash DoS 공격유형 및 도구분석 ································76
- Hulk DoS 공격유형 및 도구분석 ································81
댓글 0
번호 | 제목 | 날짜 | 조회 수 |
---|---|---|---|
44 | windows_2008_security_guide.pdf | 2017.08.25 | 116 |
43 | 웹 서버 구축 보안점검 가이드 | 2017.08.25 | 168 |
42 | 보안점검 툴 | 2017.08.25 | 457 |
41 | 가우스 장애관련 | 2017.08.25 | 303 |
40 | Veritas SFCFS 점검 방법 | 2017.08.26 | 1633 |
39 | 패스워드및 계정 정책 설정 | 2017.08.30 | 2901 |
38 | HP-UX 유지보수 방안 | 2017.09.02 | 2310 |
37 | HP-UX 볼륨 추가 방법 | 2017.09.07 | 653 |
36 | HP-UX NFS 설정 | 2017.09.07 | 2954 |
35 | HP-UX 서버 H/W Spec 조사 | 2017.09.07 | 1563 |
34 | HP-UX snmp 중지 설정 | 2017.09.07 | 6864 |
33 | HP-UX에서 rsyncd 를 이용한 백업 설정 | 2017.09.07 | 1370 |
32 | vsphere admin 문서 자료 | 2017.09.09 | 114 |
31 | Process Explorer - 윈도우용 프로세서, 메모리, TCP 모니터링용 | 2017.09.09 | 548 |
30 | 한글 putty | 2017.09.13 | 12000 |
29 | winscp for windows | 2017.09.13 | 118 |
28 | uptime 갑인가? | 2017.09.13 | 510 |
27 | win-sshfs for windows | 2017.09.13 | 7770 |
26 | 웹로직 forceshutdown 시키는 스크립트 | 2017.09.13 | 166 |
25 | SSL, IPSEC | 2017.11.01 | 99 |