Monday, 22 September 2014

DoS Attacks




In a DoS (denial-of-service) attack, a hacker or group tries to flood a network with so much traffic that it becomes slow or inaccessible for legitimate users. They do this by taking control of many computers (a botnet) and directing them all against a certain network.
When this happens, the attackers prevent you from accessing your email, social networking sites and other services. Servers can only handle a certain number of requests, so if a server becomes flooded, users' requests won't be processed.

DoS attacks target high-profile sites such as banks, companies and even government websites, sending so much traffic that their servers can't respond to legitimate traffic. Denial-of-service attacks are considered violations of the Internet Architecture Board's Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers.
Here are a few methods of how these attacks are carried out.
  • Ping of Death - bots create huge electronic packets and send them on to victims
  • Mail bomb - bots send a massive amount of e-mail, crashing e-mail servers
  • Teardrop - bots send pieces of an illegitimate packet; the victim system tries to recombine the pieces into a packet and crashes as a result
  • Max out the processor's usage, preventing any work from occurring.
  • Trigger errors in the sequencing of instructions, so as to force the computer into an unstable state or lock-up.
  • Crash the operating system itself.
Here is one example of a DoS attack on a large scale: July 2009, Unknown vs. United States & South Korea.
For three days in July 2009, the web sites of South Korea's largest daily newspaper, a large-scale online auction house, a bank, the country's president, the White House, the Pentagon and U.S. Forces Korea (to name a few) came under DDoS attack as upwards of 166,000 computers in a botnet unleashed wave after wave of a data-powered onslaught. Some believed operatives at North Korea's telecommunications ministry were to blame, using a backdoor for the infamous Mydoom worm of 2004, but this has never been proven.

If there are signs that a DoS attack is happening, a network administrator can limit the amount of traffic the server receives. This approach can also block legitimate users. Network administrators can try to find out where the attacks are coming from and filter and block that traffic. Firewalls can be configured to block DoS attacks.
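The trade-off described above, as an added example that is not part of the original post: a blanket cap on requests per second drops legitimate users along with the flood, while a per-source cap combined with a filter on the heaviest senders keeps them served. The traffic, the addresses (documentation ranges) and the thresholds are all constructed for illustration.

```python
from collections import Counter

def global_limit(events, max_per_sec):
    """Blanket cap: accept at most max_per_sec requests per second from anyone."""
    seen, accepted = Counter(), []
    for ts, src in events:
        if seen[int(ts)] < max_per_sec:
            seen[int(ts)] += 1
            accepted.append((ts, src))
    return accepted

def per_source_limit(events, max_per_sec, blocklist=frozenset()):
    """Cap each source separately and drop filtered sources outright."""
    seen, accepted = Counter(), []
    for ts, src in events:
        if src in blocklist:
            continue
        key = (int(ts), src)
        if seen[key] < max_per_sec:
            seen[key] += 1
            accepted.append((ts, src))
    return accepted

def top_talkers(events, threshold):
    """Sources whose rate in any one second exceeds threshold: candidates to filter."""
    counts = Counter((int(ts), src) for ts, src in events)
    return {src for (_, src), n in counts.items() if n > threshold}

def served(accepted, src):
    """Number of accepted requests that came from src."""
    return sum(1 for _, s in accepted if s == src)

def sample_traffic():
    """Constructed sample: 3 seconds, one flooding source at 200 req/s,
    two legitimate clients at 2 req/s each."""
    events = []
    for sec in range(3):
        events += [(sec + i / 200, "198.51.100.7") for i in range(200)]
        for client in ("192.0.2.10", "192.0.2.11"):
            events += [(sec + 0.25, client), (sec + 0.75, client)]
    return sorted(events)

if __name__ == "__main__":
    traffic = sample_traffic()
    blanket = global_limit(traffic, 50)
    filtered = per_source_limit(traffic, 5, blocklist=top_talkers(traffic, 5))
    for name, result in (("blanket cap", blanket), ("per-source + filter", filtered)):
        print(name, {s: served(result, s) for s in sorted({s for _, s in traffic})})
```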


