15.2.09

Denial Of Service


A DOS attack is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources (most likely causing a crash).

Goals of the attacker:

- Flood a Network
- Disrupt a connection
- Disrupt a service to a specific system

Impacts:

- Disabled Network
- Disabled organization
- Financial loss

Types:

- DOS
- DDOS (Distributed Denial Of Service)


Classification:

- Smurf
- Buffer overflow
- Ping of death
- Teardrop
- SYN attack

Smurf

Using a spoofed source IP, the attacker sends a large amount of ICMP echo traffic to a victim host, overwhelming the victim's network connection.

Buffer overflow

Some programs write more information into a buffer than has been allocated for it in memory, e.g. sending an email message that has attachments with 256-character file names can cause .

Ping Of Death

The attacker sends an IP packet larger than the 65535 allowed by the IP protocol. The identity of the attacker can be easily spoofed.

Teardrop

It is a UDP attack which uses overlapping offset fields to bring down hosts. If the receiving system cannot reassemble the packets, it can crash.
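Seen from the receiving side, the Ping of Death and Teardrop descriptions above both come down to checks a host can make before it reassembles fragments. The following C sketch is an added example, not code from the original post; the struct, function and sample trains are illustrative names, and a 20-byte IP header without options is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One received IPv4 fragment, reduced to the two fields the checks need. */
struct frag {
    uint16_t offset_units; /* fragment offset field, in 8-byte units (0..8191) */
    uint16_t payload_len;  /* data bytes carried after the IP header */
};

enum verdict { FRAG_OK, FRAG_OVERSIZE, FRAG_OVERLAP };

#define IP_MAX_DATAGRAM 65535u /* maximum IP datagram size, in bytes */
#define IP_HEADER_LEN   20u    /* assumption: header without options */

/* Validate a fragment train (any arrival order) before reassembly. */
enum verdict check_fragments(const struct frag *f, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uint32_t start = f[i].offset_units * 8u;
        uint32_t end = start + f[i].payload_len;
        /* Ping of Death: reassembled datagram would exceed 65535 bytes. */
        if (end > IP_MAX_DATAGRAM - IP_HEADER_LEN)
            return FRAG_OVERSIZE;
        /* Teardrop: byte range intersects an earlier fragment's range.
           Strict policy: an exact duplicate is rejected as well. */
        for (size_t j = 0; j < i; j++) {
            uint32_t s2 = f[j].offset_units * 8u;
            uint32_t e2 = s2 + f[j].payload_len;
            if (start < e2 && s2 < end)
                return FRAG_OVERLAP;
        }
    }
    return FRAG_OK;
}

/* Constructed sample trains (not captured traffic). */
const struct frag normal_train[]   = { {0, 1480}, {185, 1480}, {370, 1000} };
const struct frag oversize_train[] = { {0, 1480}, {8189, 1480} };
const struct frag teardrop_train[] = { {0, 36}, {3, 4} };

int main(void)
{
    printf("normal:   %d\n", (int)check_fragments(normal_train, 3));
    printf("oversize: %d\n", (int)check_fragments(oversize_train, 2));
    printf("teardrop: %d\n", (int)check_fragments(teardrop_train, 2));
    return 0;
}
```

A train that fails either check is dropped whole instead of being handed to the reassembly code.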

SYN attack

The attacker sends TCP SYN requests to the victim, so the host allocates memory to each connection. This attack exploits the three-way handshake. When host A receives a SYN request from host B, it tracks the partially opened connection and port for at least 75 seconds.


Tools

TARGA – NEMESY – CRAZY PINGER – PANTHER 2 – UDP FLOOD, etc.

2 comments:

Anonymous said...

You forgot another 2 classifications!

1-Viruses:
Computer viruses, which replicate across a network in various ways, can be viewed as denial-of-service attacks where the victim is not usually specifically targeted but simply a host unlucky enough to get the virus. Depending on the particular virus, the denial of service can be hardly noticeable ranging all the way through disastrous.

2-Physical Infrastructure Attacks:

Here, someone may simply snip a fiber optic cable. This kind of attack is usually mitigated by the fact that traffic can sometimes quickly be rerouted.

There are ways of preventing many forms of DoS attacks.

Anonymous said...

thanx . U r right ..