Denial
of Service attack or simply DoS attack is kind of a attack in which
attacker is able to consume so much memory of the target system, as a
result it cannot serve the legiminate user, or it causes the target
system crash or reboot. Nowadays DoS attack are considered very deadly
due to their after attack impact.
There are many types of DoS attacks, the most popular of which are described below:
- Smuf attacks
- SYN-flood attacks
- Land attack
- UDP-flood attack
Smuf
attack is kind of a brute-force DoS attack in which hude amount of ping
request are sent to the target computer from spoofed IP address, which
hooks up the resource of the target computer resulting in a crash or
reboot
SYN-Flooder Attack
This
is one of the most easiest DoS attach which can be executed on the
target system. In this kind of a attack the target system is flooded
with full connection request from spoofed IP address. As target system
tries to establish a full connection with all the connection request via
Three-Way-Handshake, as a result all system resources are utilized
resulting in a crash or reboot.This
is because when the attacker requests for the connection to the target
it sends a SYN packet from the spoofed IP source, to complete the
connection target sends SYN/ACK packet to spoofed IP address and waits
to recieve a ACK packet in order to complete the connection consuming
some memory. When huge amount of connection request are send to the
target from spoofed source, all the resources are consumed.
Land Attack
This kind of DoS attack is simliar to SYN-flooder attack the only difference is that instead of sending connection request from spoofed source it sends the connection request from target computer's IP address.
UDP-Flood Attacks
This DoS attack basically exploits target system's echo service to create infinite loops bewteen two or more of UDP services.
Wikipedia explain UDP-Flood attack as:
A UDP flood attack is a denial-of-service (DoS) attack using the User Datagram Protocol (UDP), a stateless computer networking protocol.
Using UDP for denial-of-service attacks is not as straightforward as with the Transmission Control Protocol (TCP). However, a UDP flood attack can be initiated by sending a large number of UDP packets to random ports on a remote host. As a result, the distant host will:
- Check for the application listening at that port;
- See that no application listens at that port;
- Reply with an ICMP Destination Unreachable packet.
Thus,
for a large number of UDP packets, the victimized system will be forced
into sending many ICMP packets, eventually leading it to be unreachable
by other clients. The IP address of outgoing packets may also be spoofed,
ensuring that the excessive ICMP return packets do not reach the
attacker, simultaneously making it harder to determine the source of the
attack.
This attack can be managed by deploying firewalls at
key points in a network to filter out unwanted network traffic. The
potential victim never receives and never responds to the malicious UDP
packets because the firewall stops them.
0 comments:
Post a Comment