기술문서 DDos 공격대응 가이드
2017.08.25 17:57
DDos 공격대응 가이드
1. DDoS 공격대응 개요 ·································4
2. DDoS 공격대응 절차 ·································5
(1단계) 공격의 인지 ··············································5
(2단계) 공격유형 파악 ············································7
(3단계) 차단정책 정의 및 대응 ···································13
(4단계) 공격대응 및 사후조치 ····································16
(추가사항) DNS 공격대응 방안 ···································17
[별첨1] DDoS 공격대응 매뉴얼 ·························19
[별첨2] DDoS 공격차단을 위한 장비 및 현황 ············21
[별첨3] DDoS 공격유형 분류 및 설명 ···················23
1. DDoS 공격유형 분류 ··········································23
2. UDP/ICMP Traffic Flooding 공격 ·······························24
3. TCP Traffic Flooding 공격 ·····································25
4. IP Flooding 공격 ··············································27
5. HTTP Traffic Flooding 공격 ····································28
6. HTTP Header/Option Spoofing Flooding 공격 ···················31
7. 기타 서비스 마비공격 ·········································37
[별첨4] 주요 DDoS 공격유형별 대응방안 ················43
1. UDP/ICMP Traffic Flooding 공격방어 ···························43
2. SYN Flooding 공격방어 ·······································44
3. GET Flooding 공격방어 ·······································45
4. GET with Cache-Control 공격방어 ······························47
5. HTTP Continuation Data Flooding 공격방어 ·····················48
6. TCP Session 공격방어 ········································49
7. URL Redirect 우회 공격방어 ···································50
8. Slow HTTP POST 공격방어 ···································50
9. DNS 공격방어 ················································52
10. Hash DoS 공격방어 ··········································53
11. Hulk DoS 공격방어 ··········································54
[별첨5] 주요 DDoS 공격도구 분석결과 ··················56
- R.U.D.Y 기반의 Slow POST 공격분석 ···························56
- HTTP DoS Tool 기반의 Slow POST 공격분석 ···················63
- DRDoS (Distributed Reflection DoS) 공격분석 ····················71
- Anonymous WebLoic 공격도구분석 ······························73
- Hash DoS 공격유형 및 도구분석 ································76
- Hulk DoS 공격유형 및 도구분석 ································81
댓글 0
| 번호 | 제목 | 날짜 | 조회 수 |
|---|---|---|---|
| 140 | IPv4, IPv6 | 2017.11.01 | 108 |
| 139 | weblogic wlst 기반 암호화파일 복호화 (AES) | 2021.04.06 | 109 |
| 138 |
Weblogic 보안설정
 | 2017.08.25 | 111 |
| 137 | HTTP Header | 2017.11.01 | 112 |
| 136 | 법규 - 추가작성 | 2017.11.01 | 113 |
| 135 | 디지털 컨텐츠 보호 | 2017.11.01 | 113 |
| 134 |
vsphere admin 문서 자료
| 2017.09.09 | 114 |
| 133 | /etc/xinetd.conf 설정 값 | 2017.11.09 | 114 |
| 132 |
windows_2008_security_guide.pdf
| 2017.08.25 | 116 |
| 131 | 쉘쇼크(Shellshock) | 2017.11.07 | 116 |
| 130 |
winscp for windows
| 2017.09.13 | 118 |
| 129 |
Ipsec for windows
| 2017.08.23 | 126 |
| 128 |
DNS (Domain Name Service)
| 2017.11.01 | 129 |
| 127 |
Ftp passive mode
| 2017.08.24 | 132 |
| 126 |
어플리케이션 보안
| 2017.11.01 | 133 |
