Concepts of Denial-of-Service Attack & Distributed Denial of Service

-

For better understanding of Denial-of-Service Attack & Distributed Denial of Service (DoS/DDoS) attacks, one must be familiar with their concepts beforehand. This module discusses about what a DoS attack is, what a DDoS attack is, and how the DDoS attacks work.


What is a Denial-of-Service Attack?

DoS is an attack on a computer or network that reduces, restricts, or prevents accessibility of system resources to its legitimate users. In a DOS attack, attackers flood a victim’s system with non-legitimate service requests or traffic to overload its resources, bringing the system down, leading to unavailability of the victim’s website or at least significantly slowing the victim’s system or network performance. The goal of a DoS attack is not to gain unauthorized access to a system or to corrupt data; it is to keep the legitimate users away from using the system.
Following are the examples of types of DoS attacks:
  • Flooding the victim’s system with more traffic than can be handled
  • Flooding a service (e.g., internet relay chat (IRC)) with more events than it can handle
  • Crashing transmission control protocol (TCP/Internet protocol OP) stack by sending corrupt packets
  • Crashing a service by interacting with it in an unexpected way
  • Hanging a system by causing it to go into an infinite loop

In general,Denial-of-Service Attack DoS attacks target network bandwidth or connectivity. Bandwidth attacks overflow the network with a high volume of traffic using existing network resources, thus depriving legitimate users of these resources, Connectivity attacks overflow a computer with a large amount of connection requests, consuming all available resources of the OS so that the computer cannot process legitimate users’ requests.
Imagine a pizza delivery company, which does much of its business over the phone. If an attacker wanted to disrupt this business, he could figure out a way to tie up the company’s phone lines, making it impossible for the company to do business. That is how a DoS attack works—the attacker uses up all the ways to connect to the system, making legitimate business impossible, DoS attacks are a kind of security break that does not generally result in the theft of information. However, these attacks can harm the target in terms of time and resources. However, failure might mean the loss of a service such as email. In a worst-case scenario, a DOS attack can mean the accidental destruction of the files and programs of millions of people who happen to be surfing the Web at the time of attack.
A Distributed Denial of Service DDoS attack is a large-scale, coordinated attack on the availability of services on a victim’s system or network resources, launched indirectly through many compromised computers (botnets) on the Internet.

How Distributed Denial-of-Service Attacks Work?

In a Distributed Denial of Service DDoS attack, many applications found the target browser or network with fake exterior requests that make the system, network, browser, or site slow, useless, and disabled or unavailable.
The attacker initiates the DDoS attack by sending a command to the zombie agents. These zombie agents send a connection request to a large number of reflector systems with the spoofed IP address of the victim. The reflector systems see these requests as coming from the victim’s machine instead of the zombie agents due to spoofing of source IP address. Hence, they send the requested information (response to connection request) to the victim. The victim’s machine is flooded with unsolicited responses from several reflector computers at once. This either may reduce the performance or may cause the victim’s machine to shut down completely.

Learn more about identity theft in CEH from Infosavvy.
“The first step toward change is awareness. The second step is acceptance”
-Nathaniel Branden

Module Objectives

Denial-of-Service (DOS) and Distributed Denial-of-Service (DDoS) attacks became a serious threat to computer networks. These attacks attempt to make a machine or network resource unavailable to its authorized users. Usually DoS/DDoS attacks exploit vulnerabilities within the implementation of TCP/IP model protocol or bugs in a specific OS.
This module starts with a summary of DoS and DDoS attacks. It provides an insight into different DoS/DDoS attack techniques. Later, it discusses about botnet network, DoS/DDoS attack toolstechniques to detect DoS/DDoS attacks, and DoS/DDoS countermeasures. The module ends with a summary of penetration testing steps an ethical hacker should follow to perform a security assessment of the target.
At the end of this module, you’ll be ready to perform the following:
  • Describe the DoS/DDoS concepts
  • Perform DoS/DDoS using various attack techniques
  • Describe Botnets
  • Describe DoS/DDoS case studies
  • Explain different DoS/DDoS attack tools
  • Apply best practices to mitigate Do5IDD05 attacks
  • Perform DoS/DDoS penetration testing


click here for continue blog:- https://www.info-savvy.com/concepts-of-denial-of-service-attack-distributed-denial-of-service/


This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092

Contact us – www.info-savvy.com

https://g.co/kgs/ttqPpZ 

Comments

Post a Comment

Popular posts from this blog

ISO 27001 Annex : A.5 Information Security Policies

-
Image
5. 1  Management direction for information security ISO 27001 Annex : A.5 Information Security Policies, Its objective is to provide management guidance and  information security  assistance in accordance with business requirements and relevant laws and regulations. 5.1.1 Policies for Information Security Control-   A set of information security policies should be established, managed accepted, published and communicated to the employees and related external parties. Implementation Guidance-  At the very least companies need to identify a management-approved “information security strategy,” which outlines the organization’s approach to managing its information security goals. Information security policies should meet criteria that have been created by: Business strategy; Regulations, legislation and contracts; The present and projected  information security threat  environment Related Product :   ISO 27001 Lead Auditor Training And Certification ISMS The informa
Read more

Top 5 Key Elements of an Information Security

-
Image
Top 5 Key Elements of an Information Security and its critical elements, including systems and hardware that use, store, and transmit that information. Necessary tools: policy, awareness, training, education, technology etc. IS is the application of measures to ensure the safety and privacy of data by managing its storage and distribution. Information security has both technical and also social implications. Information security system is the process of protecting and securing the data from unauthorized access, disclosure, destruction or disruption. An organization that attempt to compose a operating ISP must have well-defined objectives regarding  security  And strategy. On that management have reached an agreement. Any existing dissonances during this context could render the data security policy project dysfunctional. The foremost necessary factor that a security skilled should bear in mind is that his knowing. The protection management practices would allow him to include t
Read more

Types of Vulnerability Assessment

-
Image
Given below are the different types of vulnerability assessments:   Active Assessment Active assessments are a type of vulnerability assessment that uses network scanners to scan the network to identify the hosts, services, and vulnerabilities present in that network. Active network scanners have the capability to reduce the intrusiveness of the checks they perform.   Passive Assessment Passive assessments sniff the traffic present on the network to identify the active systems, network services, applications, and vulnerabilities. Passive assessments also provide a list of the users who are a recently using the network. External Assessment External assessment assesses the network from a hacker's point of view to find out what exploits and vulnerabilities are accessible to the outside world. These types of assessments use external devices such as firewalls, routers, and servers. An external assessment estimates the threat of network security attacks
Read more