Return to lecture notes index
May 1, 2007 (Lecture 23)


Today we talked about security both from the perspective of an attacker and how we might defend against these attacks. We discussed many different DoS attacks, including SYN floods, Land attacks, ping floods, and Nukes among others. Some of these attacks attempt to use up one or more of the server's resources while others use up the bandwidth to the server. We discussed the use of firewalls and intrusion prevention systems as ways of defending against these attacks.

We also discussed Trespassing by exploiting software bugs in services running on the machine or in the protocol stack, by stealing user passwords, or by installing trojans. Defense against these attacks include firewalls, intrusion prevention systems, software patches, educating users, and honeypots.