DDoS Attack Response Guide - KISA material
2017.10.31 00:35
Attachment: DDoS 공격대응 가이드.pdf
1. DDoS Attack Response Overview
2. DDoS Attack Response Procedure
(Step 1) Recognizing the attack
(Step 2) Identifying the attack type
(Step 3) Defining the blocking policy and responding
(Step 4) Attack response and follow-up measures
(Additional) DNS attack response measures
[Appendix 1] DDoS Attack Response Manual
[Appendix 2] Equipment for Blocking DDoS Attacks and Current Status
[Appendix 3] Classification and Description of DDoS Attack Types
1. Classification of DDoS attack types
2. UDP/ICMP Traffic Flooding attack
3. TCP Traffic Flooding attack
4. IP Flooding attack
5. HTTP Traffic Flooding attack
6. HTTP Header/Option Spoofing Flooding attack
7. Other service disruption attacks
[Appendix 4] Countermeasures by Major DDoS Attack Type
1. Defense against UDP/ICMP Traffic Flooding attacks
2. Defense against SYN Flooding attacks
3. Defense against GET Flooding attacks
4. Defense against GET with Cache-Control attacks
5. Defense against HTTP Continuation Data Flooding attacks
6. Defense against TCP Session attacks
7. Defense against URL Redirect bypass attacks
8. Defense against Slow HTTP POST attacks
9. Defense against DNS attacks
10. Defense against Hash DoS attacks
11. Defense against Hulk DoS attacks
[Appendix 5] Analysis Results for Major DDoS Attack Tools
- Analysis of R.U.D.Y-based Slow POST attacks
- Analysis of HTTP DoS Tool-based Slow POST attacks
- Analysis of DRDoS (Distributed Reflection DoS) attacks
- Analysis of the Anonymous WebLoic attack tool
- Analysis of the Hash DoS attack type and tool
- Analysis of the Hulk DoS attack type and tool