applied security conferences and training: CanSecWest | PacSec | EUSecWest |

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

Principles of DDOS Mitigation

Register for the March 15, 2020 (1-day course)

Instructor(s):
Krassimir Tzvetanov

Description

In this class, attendees will go over the basics of Denial of Service. It starts with coverage of the different parts of the stack that can be attacked and transitions into a discussion about the currently popular types of DDoS: reflection attacks, SYN flood, Sloworis, etc.

While it covers different attack types, it supplements the attack descriptions with detailed technical explanation of the specific operating system components like sockets, buffers, etc.

Many CERT teams are helpless in the DDoS space, since it involves very narrow and specialized skill set. This class addresses this gap and provides the necessary hands on experience to solidify the knowledge.

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

The class is interlaced with a number of exercises allowing the attendees to manually configure different mitigations.

In general the workshop focuses on the technologies and not on particular vendor implementation. The test platform is vendor agnostic and uses a Linux VM to illustrate the attacks and mitigations.

Outline

The talk follows the following outline:

What you will need to bring:

Students must have a laptop with VMWare Playe or VBox. (*Note the latter does not perform as well.)