What is Denial of Service Attack | Dos Attack?


Hello everyone, by reading our previous post you might know that what is Ddos attack and how does it work? so today I want to share you a detailed tutoriallon denial of service attack and it's technique so lets get started Denial of Service or (DoS) or sometime referred as Distributed Denial of Service (DDos) attacks have matured from mere annoyances to severe high-profile attacks to e-commerce sites. When performing DoS attacks there are alot of approached techniques, including the famous but old "Ping of Death" which will be covered in this tutorial. DoS has been raging on since the 90's, getting more advanced and more serious. This tutorial is going to explain the jist of it to you.

We will start at the beginning and I will start by saying that if you plan to bring down a site with DoS its probably going to take more than 1 computer. The rage which has hit with DoS is DDoS (distributed denial of service) which is a DoS attack, but not done by one user, done by many users or a bot armie. A famous DDoS attack is the one done to GNR.com the attack completely took up all the sites bandwith within seconds. There site was recorded to have been attack by 456 Windows users. Now that you understand the god like power of this raging and more feared attack. Lets move on to the different types of DoS attacks.

Fragmentation overlap

By forcing the OS to deal with overlapping TCP/IP packet fragments, this attack caused many OSs to suffer crashes and resource starvation. Exploit code was realeased with names such as bong,boink, and teardrop.

Oversized Packets

This is called the "Ping of Death" (ping -1 65510 192.168.2.3) an a Windows system (where 192.168.2.3 is the IP adress of the intended slave). What is happening is the attacker is pinging every port on the victims computer causing it to echo back 65510 requests. Another example is a jolt attack a simple C program for OSs whose ping commands wont generate oversized packets. The main goals of the "Ping of Death" is to generate a packet size that exceeds 65,535 bytes. Which can abrubtly cause the slave computer to crash. This technique is old!

Nuke Attack

Yet another old form of attack this is related to a Windows vunlnerablity of some years ago that sent out-of-band(OOB) packets. To the consenting computer causing it to crash.

SYN floods

A newer technique of DoS is SYN floods, basically this is done through a 3 step process, better known as the three way handshake. When a TCP connection is initiated this occurs. Under some normal circumstances, a SYN packet is sent from a specific port on system 1 to a specific port on system 2 that is in the LISTEN state. Then the potential connection on system 2 is in a SYN_RECV state. At this stage system 2 will attempt to send back a SYN/ACK packet to system 1.If all works out, system 1 will send back an ACK packet, and the connection will move to an ESTABLISHED state. Now thats what happens most of the time, but a SYN flood is different it creates a half open connection. Most systems can sustain hundreds of connections on a specific port, but it will only take a few half open connections to exhaust all the resources on the computer.

Smurf Attack

The smurf attack was one of the first to demonstrate the use of unwitting DoS amplifiers on the Internet. A smurf takes advantage of directed broadcasts and requires a minimum of three actors: the attacker, the amplifying network, and the slave. What happens is the attacker sends out spoofed ICMP ECHO packets to the broadcast address of the amplifying network. The source address of packets is forged to make it appear as if the slave system has initiated the request. Then all hell breaks loose!!! Because the ECHO packet was sent to the broadcast address, all systems on the amplifying network will respond to the slave. Now take a thought if the attacker sends just a single ICMP packet to an amplifying network which contains 500 systems that will respond to a broadcast ping, the attacker has now succeeded in multiplying the DoS attack by a magnitude of 500!

Fraggle Attack

A fraggle attack is the same as a smurf attack, but it uses UDP ports instead.

DDoS Attack

This is a much harder to block kind of attack, it has been used against big sites such as E-Trade, Ebay, and countless others. The problem with these attacks there very hard to trace. Most traces can link back to @Home users! The new DDoS attacks are termed Zombies or Bots. These bots rely heavily on remote automation techniques borrowed from Internet Relay Chat (IRC) scripts of the same name. A group of zombies under the control of a single person is called a zombie network or a bot army. The master of these armys or networks can do full fledged DDoS attacks or SYN floods. The basic estimate size of zombie networks are from a few systems to 150,000 systems. Even a few hundred machines could prove very dangerous.

Respected Readers:
We educate thousands of bloggers a week with our tutorials. To help us go ahead with the same spirit, a small contribution from your side will highly be appreciated.


If you enjoyed this post and wish to be informed whenever a new post is published, then make sure you subscribe to our regular Email Updates!

Thanks for making this possible! Kindly Bookmark and Share it.
Technorati Digg This Stumble Facebook Twitter
YOUR ADSENSE CODE GOES HERE

0 Comments:

Confused? Feel free to ask

 
  • band Icons and buttons

    Icons and Buttons

    Our resources have been successfully downloaded over 10K times and found almost every where. Get yours!

  • choosing webhost for a blog

    Why HostGator?

    Learn Why we chose HostGator as our Web Host and find discount coupons to kick start your blog today!

  • SEO Settings for blogger

    ALL IN ONE SEO PACK 2012

    Learn every single SEO tip that will boost your blog's ranking and organic traffic. We got them all!

  • Blogger widgets and plugins

    Visit band's Blogger LAB

    Why not take a tour of all great Blogger widgets published so far? You Name it we have it!

  • become a six figure blogger!

    Become a SIX FIGURE BLOGGER

    Learn what it takes to become a successful entrepreneur and build a living online!

| Live Hack Tools © 2012. All Rights Reserved | Contact | About |