DOS Attacks or Denial Of Services is a very favorite hacking technique by hackers. This is relatively easy to do and have been testing grounds for budding hackers. In fact, hackers use this technique to gain wide recognition because of the fame and respect that a successful DOS Attack brings to the hacker in the underground groups.
DOS attack is done by sending too much data packets which cannot be handled by the target network server. There are many avenues of exploits and these are vulnerabilities in the TCP/IP protocols suite, vulnerabilities in the Ipv4 implementation and the use of the resources of the target system and make the services unable to respond.
There are many vulnerabilities in TCP/IP itself and some of them are enumerated here as they are called Ping of Death, Teardrop, SYN attacks and Land Attacks.
Ping of Death
This was one of the earliest tool of denial of service during the time when systems where less complex than they are today. There are now fully upgraded systems that are invulnerable to Ping of Death attacks. Ping of Death works by causing the system to hang or reboot and thereby unusable by legitimate users.
In this attack, the target system is pinged with a data packet that exceeds the maximum bytes allowed by TCP/IP. When the target computer is pinged, the system has no recourse but to hang, reboot or crash.
Teardrop
The Teardrop is an attack that exploits the vulnerability in the reassembling of data packets.
When data is sent over the Internet, it is first broken down into smaller fragments at the source system and then put together at the destination system. With a teardrop attack, the hacker will confuse the target making it unable to put together the correct sequence of data packets.
When these packets are divided up they have an OFFSET field in their TCP header part which will determine which date packet that each fragment is carrying.
By disrupting the series of data packets by overlapping their Offset field values, the target system becomes unable to piece them together and forced to crash, hang or reboot.
SYN Attack
The SYN attack is a disruption in the TCP/IP's three-way connection by using bad IP address to so that the SYN ACK will never come and the target server waits and waits. When a connection is negotiated by a computer to the Internet, there is a three way connection that must be established.
When too many of these disruptions are sent, the target will no longer have the resources to entertain legitimate connection request.
In a SYN attack, the attacker send SYN packets server with a SYN packets from a bad source IP Address. When the target system receives these SYN Packets with Bad IP Addresses, it tries to respond to each one of them with a SYN ACK packet. Now the target system waits for an ACK message to come from the bad IP address.
Land Attacks
This is no longer famous since this can be easily addressed. A Land attack is like the SYN attack but this time the attacker uses the target’s own IP address to create an infinite loop where the target waits for itself to send acknowledgement which will never come because it is the target system itself waiting to communicate with itself.
Smurf Attacks
A Smurf attack is a DOS Attack done by making huge number of Ping Requests with spoofed IP Addresses from within the target network creating a traffic that is too much for target system to handle. The result then is that the target network is unable to respond to legitimate users.
Distributed DOS Attacks
This is a new and improved DOS attack which is far greater threat that even threatens the virus as the most feared DOS Attack in the Internet.
This Distributed DOS attack will allow attackers to escape because it will be difficult to trace them because they are a group that acts in concert with each other. This kind of attack is somehow a little difficult since each will have to find lesser weakness on the target network and work their way up together.
Tidak ada komentar:
Posting Komentar
Setelah membaca artikel di atas.
Apa komentar anda ??