Article on DDOS attacks
Today i try to understand DDOS attacks....SO I would like to share with you what i learn ..seems to very simple but very dangerous
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack)
is an attempt to make a computer resource unavailable to its intended users.
One common method of attack involves saturating the target (victim) machine with external communications requests, such
that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable.
Attacks on wireless networks require a high-power Network Interface Card (NIC) and usually a high-gain (directional) external antenna (to increase range as well as power output).
A network interface card, network adapter, network interface controller (NIC), or LAN adapter is a computer hardware component designed to allow computers to communicate over a computer network.
Symtoms
# Unusually slow network performance (opening files or accessing web sites)
# Unavailability of a particular web site
# Inability to access any web site
# Dramatic increase in the number of spam emails received—
A DoS attack may include execution of malware intended to:
Harms
* Max out the processor's usage, preventing any work from occurring.
* Trigger errors in the microcode of the machine.
* Trigger errors in the sequencing of instructions, so as to force the computer into an unstable state or lock-up.
* Exploit errors in the operating system, causing resource starvation and/or thrashing, i.e. to use up all available facilities so no real work can be accomplished.
* Crash the operating system itself.
There are of many types
1:-The ping of death attack, or PoD, can cripple a network based on a flaw in the TCP/IP system.
The maximum size for a packet is 65,535 bytes. If one were to send a packet larger than that, the receiving computer would ultimately crash from confusion.
Sending a ping of this size is against the rules of the TCP/IP protocol, but hackers can bypass this by cleverly sending the packets in fragments. When the fragments are assembled on the receiving computer, the overall packet size is too great. This will cause a buffer overlflow and crash the device.
When conducting a smurf attack, attackers will use spoof their IP address to be the same as the victim’s IP address. This will cause great confusion on the victim’s network, and a massive flood of traffic will be sent to the victim’s networking device, if done correctly.
2:-Fraggle Attack
A Fraggle attack is exactly the same as a smurf attack, except that
it uses the user datagram protocol, or UDP, rather than the more common
transmission control protocol, or TCP. Fraggle attacks, like
3:-Smurf attacks :-smurf attacks, are starting to become outdated and are commonly stopped
by most firewalls or routers
When conducting a smurf attack, attackers will use spoof their IP address to be
the same as the victim’s IP address. This will cause great confusion on the victim’s network, and a massive flood of traffic will be sent to the victim’s networking device, if done correctly.
Most firewalls protect against smurf attacks,
4:-Tear Drop:-In the teardrop attack, packet fragments are sent in a jumbled and confused order. When the receiving device attempts to reassemble them, it obviously won’t know how to handle the request. Older versions of operating systems will simply just crash when this occurs
The SYN flood attack takes advantage of the TCP three-way handshake. This method operates two separate ways. Both methods attempt to start a three-way handshake, but not complete it. You can view the proper three-way handshake below.
5:-Distributed denial of service attack:-This is by far the most deadly of all denial of service attacks, since an easy fix is hard to come by.
A distributed denial of service attack, or DDoS, is much like the ping flood method, only multiple computers are being used. In this instance, the computers that are being used may or may not be aware of the fact that they are attacking a website or network. Trojans and viruses commonly give the hacker control of a computer, and thus, the ability to use them for attack. In this case the victim computers are called zombies.
A DDoS attack is very tough to overcome. The first thing to do is to contact your hosting provider or internet service provider, depending on what is under attack. They will usually be able to filter out the bulk of the traffic based on where it’s coming from. For more large-scale attacks, you’ll have to become more creative.
If you have access to your router, and are running a Cisco brand, enter the following command into your router command prompt: No ip verify unicast reverse-path.
This will ensure that attackers can’t spoof their IP address. This will still be a problem for zombie computers however, since those IP addresses aren’t spoofed at all. In this case, you can do one of several things.
If admin gave me permision ..i would also tell you some tricks to accomplish this attack...