Implementación de los controles aplicables a una infraestructura de red para minimizar los ataques drdos que afectan al protocolo udp

Abstract

UDP (User Datagram Protocol) is a protocol widely used in servers where is required traffic without delay, the drawback of this type of protocol is the lack of recognition in the communications this in together with the vulnerabilities presented by the NTP server and the IP protocol, causes it to be the desired objective for the development of Distributed Reflected Denial (DRDOS) attacks. This perpetration technique makes use of the spoofing of IP addresses, reflection and amplification, to generate large volumes of responses that the server will send to the victim the involuntarily. The use of the Bit-twist and Wireshark applications provided the necessary guidelines to simulate the DRDOS attack on the network infrastructure recreated in the GNS3 tool and VMware for the virtual creation of the equipments. This favored the development of two types of controls that helped to find the correct solution to deal with this type of attack, the first control was carried out in the router interface, in which the CAR speed access policies were configured Committed Access Rate where packets that do not comply with the stipulated speed limit are discarded, this means that multiple requests are not sent to the server, which cause the denial of services. The second control was established on the NTP server which restricts the traffic that the attacker can observe. The solution was finally developed and the DRDOS attack was no longer effective, thus achieving the implementation of a more robust and difficult network to perpetrate.