
Module - 16 - Denial of Service

The document provides an overview of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, detailing their methodologies, types, and techniques. It discusses various attack methods such as Ping of Death, SYN Flood, and HTTP Flood, as well as the role of botnets in executing these attacks. Additionally, it outlines identification and prevention techniques to mitigate the impact of such attacks.

Uploaded by

lohardeepak9098

Module 16 – Denial of Service (DoS)

1. Introduction to DoS & DDoS Attack

What is a DoS Attack?


A Denial of Service (DoS) attack is a malicious attempt to make a system, service, or
network unavailable by overwhelming it with excessive traffic or exploiting vulnerabilities.
The primary goal is to disrupt normal operations.

What is a DDoS Attack?


A Distributed Denial of Service (DDoS) attack is a large-scale attack where multiple
compromised systems, often part of a botnet, are used to flood the target with traffic. This
scale makes it more challenging to mitigate.

Methodology of DoS/DDoS Attacks


1. Reconnaissance: Gathering information about the target’s infrastructure.
2. Selection of Tools/Techniques: Choosing specific attack methods and tools.
3. Launch Attack: Initiating a flood of traffic or exploiting vulnerabilities.
4. Monitor Impact: Ensuring the attack successfully disrupts the target.

2. Types & Techniques of DoS/DDoS Attack

Ping of Death Attack


This attack sends oversized ICMP packets to the target. These packets cause a buffer
overflow, leading to system crashes or instability. Modern systems are generally immune to
this attack due to built-in protections.

Land Attack
In this attack, spoofed packets with identical source and destination IP addresses are sent to
the target. The target tries to answer itself, becomes confused, and crashes. Most modern
devices have measures to counteract land attacks.

Smurf Attack
This attack involves sending ICMP echo requests to a network’s broadcast address while
spoofing the target’s IP address. Devices on the network reply to the target, overwhelming it
with echo replies.

Tear Drop Attack


This attack sends malformed or fragmented packets to the target. The target struggles to
reassemble the packets, causing the system to crash. Modern operating systems have
protections against this.

SYN Flood Attack
This attack exploits the TCP handshake by sending numerous SYN requests without
completing the handshake. The target’s resources are consumed, leading to a denial of
service.
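
The resource exhaustion described above can be seen from the defender's side by replaying handshake events against a fixed-size queue of half-open connections. This is an added example, not part of the original document; the event tuples, the backlog size and the timeout are constructed assumptions.

```python
# Constructed events seen at one listening TCP port: (time_ms, src_ip, src_port, flag).
# "SYN" opens a handshake; "ACK" is the client's final ACK that completes it.
FLOOD = [(10_000 + i * 50, f"198.51.100.{i}", 50_000, "SYN") for i in range(20)]
LEGIT = [(10_525, "192.0.2.10", 41_000, "SYN"), (10_575, "192.0.2.10", 41_000, "ACK")]


def analyze_handshakes(events, backlog=8, timeout_ms=3_000):
    """Replay events against a fixed-size queue of half-open connections.

    backlog and timeout_ms are illustrative values, not any OS default.
    """
    pending = {}  # (src_ip, src_port) -> time the SYN was queued
    peak = accepted = completed = 0
    dropped = []  # sources whose SYN found the queue full
    for ts, ip, port, flag in sorted(events):
        # The server gives up on half-open entries older than the timeout.
        for key in [k for k, t0 in pending.items() if ts - t0 >= timeout_ms]:
            del pending[key]
        key = (ip, port)
        if flag == "SYN":
            if key in pending:
                continue  # retransmitted SYN, already queued
            if len(pending) >= backlog:
                dropped.append(ip)
                continue
            pending[key] = ts
            accepted += 1
            peak = max(peak, len(pending))
        elif flag == "ACK" and key in pending:
            del pending[key]
            completed += 1
    unfinished = (accepted - completed) / accepted if accepted else 0.0
    return {
        "peak_half_open": peak,
        "dropped": dropped,
        "unfinished_ratio": unfinished,
        # Alert when the queue fills or most handshakes never complete.
        "alert": peak >= backlog or unfinished > 0.5,
    }


if __name__ == "__main__":
    print(analyze_handshakes(FLOOD + LEGIT))
```

In the constructed sample the legitimate client at 192.0.2.10 appears in `dropped`: its SYN arrives while every slot is held by a handshake that will never complete.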

HTTP Flood Attack


The attacker sends a large number of HTTP requests to the target’s web server. These
requests consume server resources, resulting in downtime.

UDP Flood Attack


This attack sends numerous UDP packets to random ports on the target. The target attempts
to process these packets, leading to resource exhaustion.

ICMP Flood Attack


In this attack, the target is inundated with ICMP echo requests (ping packets), consuming its
bandwidth and processing power.

3. Botnet Distribution

What is a Botnet?
A botnet is a network of compromised devices, also known as bots, that are controlled by an
attacker to perform coordinated malicious activities, such as DDoS attacks.

Botnet Planting Strategies


1. Phishing Emails: Delivering malicious links or attachments.
2. Exploiting Vulnerabilities: Infecting systems with malware via known vulnerabilities.
3. Malvertising: Using malicious advertisements to distribute botnet malware.

How to Detect a Botnet


1. Unusual network traffic patterns.
2. High bandwidth usage.
3. Unexpected outbound connections to unknown IPs.
4. Frequent crashes or slowdowns.

4. DoS/DDoS Tools
Common tools used for DoS/DDoS attacks include:
1. Low Orbit Ion Cannon (LOIC): An open-source stress testing tool.
2. High Orbit Ion Cannon (HOIC): An advanced tool capable of HTTP flooding.
3. Hping: A packet crafting tool often used for SYN Floods.
4. Xerxes: A specialized tool for HTTP DDoS attacks.
5. Botnet Frameworks: Tools like Mirai or Zeus to control botnets.

5. Identification & Prevention Techniques & Tools

Identification Techniques
1. Traffic Analysis: Monitoring for abnormal traffic patterns.
2. Anomaly Detection Systems: Using machine learning to identify unusual activities.
3. Network Monitoring Tools: Tools like Wireshark or Nagios to detect high traffic rates.
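
One way to turn "abnormal traffic patterns" into a check is to compare per-second counters for each traffic type against a robust baseline and alert only on sustained excess. This is an added example, not part of the original document; the counter names, sample values and thresholds are constructed assumptions.

```python
from statistics import median

# Constructed per-second packet/request counters from a quiet period (BASELINE)
# and from a later window (LIVE). Counter names are illustrative.
BASELINE = [{"syn": 40 + i % 3, "udp": 20 + i % 2, "icmp_echo": 2, "http_req": 100 + i % 5}
            for i in range(10)]
NORMAL = {"syn": 41, "udp": 20, "icmp_echo": 2, "http_req": 101}
# One-second UDP blip at second 1, then ICMP echo requests jump from second 2 on.
LIVE = [NORMAL, {**NORMAL, "udp": 60}, *[{**NORMAL, "icmp_echo": 900}] * 4]


def robust_limits(baseline, k=6.0):
    """Per-counter ceiling: median + k * MAD, so a few odd samples do not skew it."""
    limits = {}
    for name in baseline[0]:
        values = [s[name] for s in baseline]
        med = median(values)
        mad = median(abs(v - med) for v in values)
        limits[name] = med + k * max(mad, 1)  # max(..., 1) avoids a zero-width band
    return limits


def sustained_floods(baseline, live, k=6.0, sustain=3):
    """Return [(counter, first_second)] for counters above their limit
    for `sustain` consecutive seconds; shorter spikes are ignored."""
    limits = robust_limits(baseline, k)
    run = dict.fromkeys(limits, 0)  # current streak length per counter
    alerts = []
    for second, sample in enumerate(live):
        for name, limit in limits.items():
            run[name] = run[name] + 1 if sample[name] > limit else 0
            if run[name] == sustain:
                alerts.append((name, second - sustain + 1))
    return alerts


if __name__ == "__main__":
    print(robust_limits(BASELINE))
    print(sustained_floods(BASELINE, LIVE))
```

The counter that trips points at the flood type (SYN, UDP, ICMP or HTTP), which decides where the mitigation is applied.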

Prevention Techniques
1. Rate Limiting: Restricting the number of requests per IP.
2. Firewalls: Configuring firewalls to block malicious traffic.
3. Content Delivery Networks (CDNs): Using CDNs to absorb traffic.
4. DDoS Protection Services: Services like Cloudflare or Akamai.
5. IP Blacklisting/Whitelisting: Blocking known malicious IPs and allowing trusted IPs.
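
Items 1 and 5 combined into a single decision function: static block and allow lists are checked first, then a per-IP token bucket. This is an added example, not part of the original document; the class name, rates, addresses and the choice to check the blocklist before the allowlist are assumptions.

```python
import ipaddress


class PerIpLimiter:
    """Token bucket per client IP, checked after static block and allow lists."""

    def __init__(self, rate, burst, allow=(), block=(), max_clients=10_000):
        self.rate, self.burst, self.max_clients = rate, burst, max_clients
        self.allow = [ipaddress.ip_network(n) for n in allow]
        self.block = [ipaddress.ip_network(n) for n in block]
        self.buckets = {}  # ip -> (tokens, last_seen); least recently seen first

    def check(self, ip, now):
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in self.block):
            return "block"
        if any(addr in net for net in self.allow):
            return "allow"
        # pop + re-insert moves this client to the "most recent" end of the dict.
        tokens, last = self.buckets.pop(ip, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)  # refill
        verdict = "allow" if tokens >= 1 else "limit"
        self.buckets[ip] = (tokens - 1 if verdict == "allow" else tokens, now)
        # Bound memory: a flood from many (possibly spoofed) addresses must not
        # grow the table without limit, so evict the least recently seen client.
        if len(self.buckets) > self.max_clients:
            del self.buckets[next(iter(self.buckets))]
        return verdict


def replay(limiter, requests):
    """requests: iterable of (time_s, ip). Returns {ip: {verdict: count}}."""
    tally = {}
    for now, ip in sorted(requests):
        per_ip = tally.setdefault(ip, {})
        verdict = limiter.check(ip, now)
        per_ip[verdict] = per_ip.get(verdict, 0) + 1
    return tally


# Constructed traffic: a noisy client, a normal client, a blocklisted and an allowlisted one.
REQUESTS = ([(i / 100, "198.51.100.9") for i in range(20)]
            + [(float(i), "192.0.2.20") for i in range(5)]
            + [(0.5, "203.0.113.7")]
            + [(i / 100, "192.0.2.50") for i in range(20)])

if __name__ == "__main__":
    lim = PerIpLimiter(rate=2, burst=5, allow=["192.0.2.50/32"], block=["203.0.113.0/24"])
    print(replay(lim, REQUESTS))
```

Per-IP limits help against a small number of noisy sources; traffic spread across a large botnet stays under any per-IP threshold, which is where the CDN and DDoS protection services in items 3 and 4 come in.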
