ComSec Trusted SF Member
Joined: 26 Jul 2002 Posts: 16777215
|
Posted: Sat Jul 27, 2002 5:17 am Post subject: Cheat Sheet: Denial of Service Attack (DoS) |
|
|
greetings to all
i have been asked by brasco if i would like to post here, i have over 540 posting at another security forum with over 6,300 + memebers,that i post to on a daily basis,main topics ,breaking news,security program releases,links etc ,also my site is hosted there ,am also a scouser exiled down south for the past 6 yrs and this board is hosted on merseyside so i kind of feel at home, anyway enough , if i can help i will, what i post here also gets posted to the other forum i visit.
come across this artical at http://www.silicon.com
Cheat Sheet: Denial of Service Attack (DoS)
Don't be bombarded...
What's DoS mean then? I know there is an
operating system called DOS but this is something different, isn't it?
Indeed. It actually stands for Denial of Service attack, which is a security breach that can cause havoc for network traffic.
Arrgggh - as if viruses and worms weren't enough. How does it work?
Well, sit down now, there are four different types of DoS attack. The most common is called buffer overflow, which works by overloading a network with traffic so it grinds to halt and brings a web server down.
Less common is the SYN attack, which tries to overload an email exchanging channel with a similar principle.
A teardrop attack is a large packet requesting technique which has the same outcome as the other two.
And then there's the smurf attack - a type of spoofing attack which floods an email host with fake messages.
I've heard about something called Ddos. What's that all about?
The principle of Ddos, which stands for Distributed Denial of Service attack, is the same as DoS. The difference is that a hacker sets out by looking for vulnerabilities in any single system and making it its master computer. The master computer then launches an attack against other systems which make the Ddos attacker harder to track down. Even worse, there can be multiple master computers all flooding the same channel.
This all sounds too scary. What will all of this do to my network?
A Denial of Service attack mainly causes a loss of network connectivity but it can also destroy files and programs. Hackers are not able to steal any information but the disruption can result in a serious loss of time and money. Network downtime ain't cheap.
Eeek don't I know it! Is there anything I can do?
Yes, you must make sure your system is water tight and that you have a back-up ready should it fall down. Do this by using firewalls and making sure ports aren't left unprotected and constantly open to the internet. That's about it really.
Who commits these pesky attacks?
Any hacker who might want to cause disruption to your system. Remember that hackers often surf the net looking for vulnerabilities, not specific targets as such. Unless of course it's someone with a grudge to bear.
What - like someone from my past? None of my ex-girlfriends even knew how to switch the computer on...
Well, it might not be someone personal to you. It could be a disgruntled employee or someone with an axe to grind. Have you sacked one of your sys admins unfairly?
Err...not that I can think of...
**Essential links**
From the silicon.com archive:
'FBI investigates AboveNet denial-of-service attack'
www.silicon.com/a37183
'Teenage Web menace held as Mounties get their man'
www.silicon.com/a37068
'Users pay the price as BT Connect hit by spammers'
www.silicon.com/a37052
'Hackers hit high-profile Web sites'
www.silicon.com/a35655
External security links:
www.securityfocus.com
www.counterpane.com
www.itsecurity.com
www.cert.org
www.sans.org
www.computersecuritynow.com
www.hackinthebox.com
cs1
author : Pia Heikkila
lfc
|
|