Go4Expert (http://www.go4expert.com/)
-   Ethical hacking Tips (http://www.go4expert.com/articles/ethical-hacking-tutorials/)
-   -   Denial Of Service Attacks: (http://www.go4expert.com/articles/denial-service-attacks-t13062/)

GreenGrass 19Aug2008 19:01

Denial Of Service Attacks:

Ping Of Death Attack:

This is a very old Denial of Service attack method, it will indicate to send a ping request to a remote computer. The normal size to a ping request is 8 in size but this one will be 65.536 in size. When a so large ping packet is reaching the host the computer doesn’t know how to handle a so big packet. So the computer to the victim will even crash or hang. This attack can easily be execute from command prompt with typing 'Ping -l 65.536 www.google.com' this attack will normally don't have any effect today since everyone have a working firewall. This attack is coming from an exploit in the TCP/IP Suit.

TearDrop Attack:

This is a Denial of Service attack this will indicate that you are making the victims computer to send a Packet so will be so will be transported by the TCP to the remote computer. When ever a packet will be sent over the internet the will be broken down into smaller datagram’s when that happened they will get a unique number so the TCP know how to rebuild them into normal size when they have reached the host. What happened here it wont get the unique number so when the are coming to the remote computer it can't restore them to normal size. When this happened it will send any new request to the host computer to send new packets the same problem will occur again and it will use up all the resources on the host computer so it will even crash or hang. This is an exploit in the TCP/IP Suit. It will also indicate that the attacker is using a Spoofed IP-address.

SYN Flooding Attack:

These will be a very common Denial of Service attack. It will indicate that a Spoofed IP-Address want to make direct connection with you when this happened. It will send a lot of SYN Packet request to your computer. When this happened your computer reply with an ACK Packet back. Since the attack is using a Spoofed IP it will indicate that it won’t reply to the ACK Packets so your computer has sent to the Spoofed IP. This makes force your computer to send another ACK Packet. What so will happened this will keep going until your computer have used up all the resources of the computer to sending packets to a system so doesn’t exist. So it will even crash or hang. This isn’t any exploit in the TCP/IP Suit.

Land Attack:

This is another DoS attack type this will indicate that the attacker send and SYN Packet to the remote computer with a Spoofed IP address what will happened is the Spoofed IP address is have the same sauces address as the host computer. The port is also similar as the both system. The computer doesn’t know where it should send this packet since the IP addresses are matching each other. The computer will even crash or hang itself. This kind of attack is an exploit in the TCP/IP Suit... These attacks can also being avoided with a patched up Firewall.

Smurf Attack:

This will indicate that the attackers are using a Spoofed IP address to send ICMP Packets so will say ping a computer remotely. The Packets will be sent to a Broadcast address this will say that the all the computers on the network will get the ICMP Packet. This will slow down the networks bandwidth. What happened this will cause a classic loop on the network with ICMP Packets. The network will crash or being very slow since a lot of the networks resources are being used to reply to the packets.

UDP Flooding:

This will indicate the attacker have found two systems he want to attack. This will say the attacker using a Spoofed IP address to send a large number of UDP Packet to another system. The other system will also reply with a large number of UDP Packets. When that happened the both systems will all the time answer the UDP Packet to the other system. This will cause a loop and both systems will even crash or hang. All resources on both systems will be used up to send UDP Packets so will never stop.

Distributed DoS Attacks:

This is one of the most effective ways you can crash a network on. This attack is nearly imposable to avoid. This will indicate that the attacker have taken control of several systems with remote access. He will make the systems to a Zombie Computer when the have taken over all the systems he needs. He will attack the victims system. This kind of attack will normally be aimed at big companies so are very secure. Etc websites to big companies.. This will say that etc 100 computers are attacking 1 computer at the same time. This is almost not stoppable attack.. This is also very great attack so make take a while to do since he have to take control of many computers before the can do it. Also its very hard to find the identity to the attack since the computers doesn’t he own people so are using the Zombie computer doesn’t even know if the attacks are started from there own computer.

Application DoS Attacks:

All the normal packets attack on networks we have taken a closer look on is basically all the time exploits in TCP/IP suit. But there is also unlatched application so can also be used to similarly uses to DoS attack. So you can normally avoid that kind of attack types with patching up your Software’s you are using on your computer. All attacks are coming through loopholes in software’s.

vikas1234 22Aug2008 00:47

Nice article .... but most of the company are behind firewall

admin 22Aug2008 18:46

Re: Denial Of Service Attacks:
yes thank you i have tried the command prompt one and didnt turn out so well but on the bright side this account is |-|@(|{3|) my youtube username wesnr

GreenGrass 23Aug2008 03:12

Re: Denial Of Service Attacks:
Thanks guys :)

hanleyhansen 23Aug2008 07:41

Re: Denial Of Service Attacks:
Great article!

GreenGrass 23Aug2008 20:58

Re: Denial Of Service Attacks:
Thanks hanleyhansen

linuxswan 3Sep2008 12:34

Re: Denial Of Service Attacks:
really excellent stuff, easy to read and understand very well

shabbir 5Sep2008 23:00

Re: Denial Of Service Attacks:
Nominate for article of the month for August 2008

GreenGrass 6Sep2008 00:01

Re: Denial Of Service Attacks:
thanks linuxswan :)

shabbir 17Sep2008 19:11

Re: Denial Of Service Attacks:
Voting for article of the month for August 2008

SobredosiS.=] 12Oct2008 06:40

Re: Denial Of Service Attacks:
Confusing. If I understood this, I would be able to pat myself on the back. Right now, Im not. :|

All times are GMT +5.5. The time now is 00:29.