0
4.0kviews
Define DOS attack. Show the different ways by which this attack can be mounted at various layers.
1 Answer
1
224views

Denial of Service attack :

A denial of service attack is an attack that clogs up so much memory on the target system that it cannot serve its users, or it causes the target system to crash, reboot or otherwise deny services to legitimate users.

Classic DOS attacks :

  • Ping of death
  • Teardrop attacks
  • SYN-flood attacks
  • Land attacks
  • Smurf attacks
  • UDP flood attacks
  • Distributed DOS attacks
  • ICMP flood

i. Ping of death :

  • The 'ping' command makes use of the ICMP (Internet control message protocol) echo request, echo reply message is commonly used to examine whether the remote host is alive.

  • In a 'ping of death' attack , ping causes the remote to hang , reboot or crash to the attacks make use of ping command in conjunction with the '-l' argument(used to specify the size of the packet sent) to ping the target system with a data packet by TCP/IP.

eg: c: ......>ping -l 65540 hostname

ii. Teardrop attack:

  • Whenever data is sent over the internet it is broken into fragments at the source system reassembled at the destination system.

  • Each packet has an offset field in its TCP heads [art that specifies the range of data being carried that particular data packet. This along with the value in the sequence number field helps the data packets in the career order.

  • In a teardrop attack the target system cannot reassemble the packets is forced to crash, hang as reboot.

eg: Packets

(Byte 1-1500) (Byte 1501-3000) (Byte 3001-4500)

----> Teardrop attack

(Byte 1-1500) (Byte 1501-3000) (Byte1001-3600)

overlapping of bytes

iii.Land attack:

  • A land attack which is similar to a SYN attack, the only difference being that instead of including an invalid IP address of the target system.

  • As a result an infinite loop is created within the target system which ultimately hangs and crashes.

    -Solution :

To install a firewall or filtering utility the filters out outgoing packets as the TP address of the local system.

iv. Smurf attacks :

  • It is a kind of fact force DOS attack in which a huge number of 'ping' requests message it sends an echo an echo reply message to the spoofed IP address, flooding the network & preventing legitimate users from autaiming network services.
Please log in to add an answer.