[cs615asa] Clarification for "Denial of Service"

Jan Schaumann jschauma at stevens.edu
Wed Apr 25 20:58:38 EDT 2018


Patrick A Grasso <pgrasso at stevens.edu> wrote:
 
> I was wondering what the term "denial of service" should mean with
> respect to SSH. It clearly should mean that the HTTP service is
> continually available, but it is not clear whether or not preventing
> other teams from logging onto a machine via SSH is considered "denial
> of service."

It is.

Normally, the goal for an attacker is to achieve their objective, but
remain undetected and still retain a foothold.  Anytime the regular
users of the system can't log in, they will start to realize that
something's weird.  The most expected response would be to terminate the
system and retain it for forensics, while putting a new system into
service, thereby defeating the attacker's goal.

But yes, team The Invincibles has captured the flag and currently holds
it.  Well done, Invincibles!

-Jan


More information about the cs615asa mailing list