dos(denial of service) attack

What is dos attack?
In computing, the dos ( denial of service ) attack is one of the most dangerous attack in cyber-attacks . Dos attack is a type of attack on a network that is designed to bring the network to its knees by flooding  It with useless traffic. Many dos attacks, such as the ping of death and teardrop attacks, exploit limitations in the TCP/IP protocols.



two general class of the attack
1)flooding attacks

⇒  Point to point  attacks: TCP/UDP/ICMP flooding,
⇒ Smurf attacks
⇒ Distributed attacks: hierarchical  structurer
2)corruption attacks
Application/service specific
eg. polluting p2p systems


What is DDos attack?
In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.



what is difference between dos and ddos?

The differences between DoS and DDoS are substantive and worth noting. In a DoS attack, a perpetrator uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests such as ping ,http  —usually in an attempt to exhaust server resources  (e.g., RAM and CPU).

On the other hand, distributed denial of service (DDoS) attacks are launched from multiple connected devices that are distributed across the Internet. These multi-person, multi-device barrages are generally harder to deflect, mostly due to the sheer volume of devices involved. Unlike single-source DoS attacks, DDoS assaults tend to target the network infrastructure in an attempt to saturate it with huge volumes of traffic.

DDoS attacks also differ in the manner of their execution. Broadly speaking, DoS attacks are launched using homebrewed scripts or DoS tools (e.g., Low Orbit Ion Canon), while DDoS attacks are launched from botnets—large clusters of connected devices (e.g., cellphones, PCs or routers) infected with malware that allows remote control by an attacker. 

Dos attack tools

  • LOIC (Low Orbit Ion Canon) LOIC is one of the most popular DOS attacking tools freely available on the Internet
  • XOIC. XOIC is another nice DOS attacking tool
  • HULK (HTTP Unbearable Load King) 
  • DDOSIM—Layer 7 DDOS Simulator
  • R-U-Dead-Yet
  • Tor's Hammer
  • PyLoris
  • OWASP DOS HTTP POST



loic tool

Can you find source of attack?

          Hard to find BadGuy
  ⇒  Originator of attack compromised the handlers
  ⇒  Originator not active when DDOS attack occurs
          Can try to find agents
          ⇒  Source IP address in packets is not reliable
 ⇒  Need to examine traffic at many points, modify traffic, or modify routers


          DoS attacks increasing in frequency, severity and sophistication
  ⇒ 32% respondents detected DoS attacks (1999 CSI/FBI survey)

    ⇒    August 6, 2009, several social networking sites, including Twitter, Facebook, Livejournal, and Google blogging pages were hit by DDoS attacks

          Aimed at Georgian blogger "Cyxymu".

   ⇒     Internet's root DNS servers  attacked on
          Oct. 22, 2002, 9 out of 13 disabled for about an hour
Feb. 6, 2007, one of the servers crashed, two reportedly "suffered badly", while others saw "heavy traffic.




Comments

Post a Comment

Popular posts from this blog

Image
 ⇒ What is an ip addresss? An   IP address   (abbreviation of   Internet Protocol address ) is an identifier assigned to each computer and other device (e.g., printer,   router ,   mobile device , etc.) connected to a   TCP/IP network that is used to locate and identify the node in communications with other nodes on the network. IP addresses are usually written and displayed in   human-readable notations. ➦ there are mainly two ip address 1)ipv4 2)ipv6 ⇒ Ipv4 address An IP address in IPv4 is   32-bits   in size, which limits the   address space   to   4294967296   (2 32 ) IP addresses. Of this number, IPv4 reserves some addresses for special purposes such as   private networks   (~18 million addresses) or   multicast addresses   (~270 million addresses). IPv4 addresses are usually represented in   dot-decimal notation, consisting of four decimal numbers, each ranging from 0 to 255, separated by dots, e.g., 172.16.254.1. Each part represents a group of 8 bit
Read more

MALWARE

Image
what is malware ? malware is a software,that perform  victim  malicious action on victims computer or any device. the term is a combination of the words malicious and software.the ultimate goal of hackers to install malware on your computers or any device any how.once they install malware on your computer or device they can access your computer. the malware are not only targeted to only some specific system like windows ,while windows is widely used ,thus a big target,malware can infect any computing device.every one is a target, including you. the more computer or devices cyber criminal infect,the more money they earn.  who is developing malware and why? malware is created by sophisticated cyber criminals to help them achieve specific goals.the main goal is to steal important information , user id passwords, to send spam  emails,launching denial of service attacks. the malware known as petya is used by criminals to infect and encrypt hard disk of your computer.once infe
Read more

Nmap for scanning networks

Image
what is Nmap? Nmap ("Network Mapper") is a free open source tool for scanning the network.you can download from from here nmap.org Nmap  uses raw IP packets in novel ways to determine what hosts are available on the network,what services (application name and version) those hosts are offering ,what operating system (os version) they are running,what type of packets filters/firewalls are in use,and dozens of other characteristics. firewalls,routers,proxy servers and other security devices can skew the results of and Nmap scan.scanning remote hosts that are not on your local network may provide misleading information because of this  what is illegal with Nmap? scanning networks that you do not have permission to scan can get you in trouble with your internet service provider,the police,and possibly even the government. don't go off scanning the FBI of secret service website unless you want to get in trouble. aggressively scanning some systems may cause
Read more