Rahul Jamgade
Information Technology
01 Feb 2018

Series on Information Security (Weekly) - DoS Attack - Part 8

Denial of Service

A Denial of Service (DoS) attack is a type of attack in which resources are consumed wrongfully so that they are no longer available for genuine or legitimate purposes. This is generally done by exhausting resources on the target machine or its attached devices/systems.
The resources can be CPU, bandwidth, RAM, storage, etc.

Examples of network-related Denial of Service attacks are listed below:

Flooding Service Ports: Sending so much traffic to a service/application that it cannot handle the load and is therefore unable to serve legitimate requests.

Flooding Mail Servers: Relaying mail through a misconfigured mail server, or sending mail with large attachments, so that the hard disk on the mail server (IMAP or POP) becomes 100 percent utilized because log files consume the disk space, or the mailbox becomes full and cannot store any new mail.

FTP Bounce Attacks: In this case the vulnerability is associated with the PORT command of the FTP server. The PORT command can be used to make the target machine (in this case an FTP server) connect to an arbitrary destination address and TCP port, so that other machines can be reached and explored through it.

Ping Flooding Attack: In this kind of attack, the attacker sends automated ping echo packets to the target (victim). The echo packets are so numerous that they consume all of the victim's bandwidth. The packets come from a very large number of sources, so the bandwidth of each individual source may not be saturated. Because the victim's bandwidth is consumed completely, it will not be able to respond to legitimate traffic.

Smurf Attack: In a Smurf attack the attacker sends ping echo packets to a broadcast address using the victim's address as the spoofed source address. Because the source address was spoofed, all the computers on the network respond to the victim system, using up all the bandwidth resources of the victim computer.

SYN Flood Attack: A SYN flood attack takes advantage of the three-way handshake of the TCP protocol. The details of the three-way handshake can be seen in the topic TCP/IP. The attacker sends the initial SYN packet to the victim; the victim responds with a SYN-ACK packet and waits for an ACK packet from the attacker. However, the attacker never sends the ACK packet, thereby forcing the victim to keep the connection open. The attacker sends a huge number of such packets, and eventually the victim runs out of connections and stops responding to legitimate requests.

IP Fragmentation Attack: One type of IP fragmentation attack is the Ping of Death fragmentation attack. This attack uses many small fragmented ICMP packets which, when reassembled at the destination, exceed the maximum allowable size for an IP datagram. This can cause the victim host to crash, hang or even reboot.
