Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint
    Share this Page URL
    Help

    5. The Intelligence Component to Cyber W... > The Korean DDoS Attacks (July 2009)

    The Korean DDoS Attacks (July 2009)

    The first set of information that came into the hands of Project Grey Goose investigators was the technical characteristics of the attacks. This information is typically shared between Internet security firms and is fairly objective and noncontroversial.

    The best technical analysis came from the Vietnamese security firm BKIS. Figure 5-1 shows a breakdown of what was known about the attacks after BKIS gained control of two of the command and control (C&C) servers.

    BKIS diagram of the MyDoom attack program

    Figure 5-1. BKIS diagram of the MyDoom attack program

    Thanks to information shared between KR CERT and AP CERT (of which BKIS is a member), BKIS researchers were able to gain access to two of the C&C servers and determined that the botnet was controlled by a total of eight C&C servers. The zombie PCs in this botnet were instructed to log onto a different, randomly chosen server every three minutes.


      

    You are currently reading a PREVIEW of this book.

                                                                                            

    Get instant access to over
    $1 million worth of books and videos.

      

    Start a Free Trial


      
    • Safari Books Online
    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint