Testbusters.net
Denial of Service - DoS Attacks

A denial of service attack may take many forms. Some cause the host server to fail, while others are used to get into the network and either cause malicious harm or take information.
Although most of these attacks may be prevented by keeping up to date with operating system patches, it is not uncommon to hear of one taking place on occasion.
The Ping attack may be classified as a denial of service attack. It is also sometimes referred to as the ping of death.

The unsuspecting victim is hit with ping requests in which the ICMP (Internet Control Message Protocol) packet is too large. By design the ICMP packet should have a maximum size of 65,536 bytes. If the ICMP packet is 65,537 bytes or larger, the victim system may not know how to handle it, and the result may be either a complete system crash or a system hang.
These were common with Windows 3.11, Windows 95, and NT4, to name a few.

The Smurf attack is sometimes referred to as a DDoS (Distributed Denial of Service) multi-level network attack. This type of attack also exploits the ICMP function.
In this attack the perpetrator sends a large number of ICMP echo (ping) packets to the IP broadcast address of the unsuspecting victim network, with the source address spoofed to that of a victim.
If the routing device delivering traffic to the broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and each reply to it with an echo reply, multiplying the traffic by the number of hosts responding.

The Fraggle attack is similar to the Smurf attack except that it sends spoofed UDP (User Datagram Protocol) packets instead of spoofed ICMP packets.

The SYN flood takes advantage of the TCP three-way handshake. The perpetrator sends a flood of TCP packets with the SYN (Synchronization) flag enabled. The victim responds with both the ACK (acknowledgement) flag and the SYN flag enabled so that two-way communication may be initiated.
The perpetrator does not respond, which leaves the connection in a half-open state for a predetermined period of time.
If enough packets are sent, the victim is overwhelmed with half-open ports and is unable to communicate.
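
One way a defender can spot the half-open build-up described above, as an added example that is not part of the original page: it counts `SYN-RECV` entries per local port in text laid out like Linux `ss -tan` output. The sample table, its addresses, and the `limit` and `ratio` threshold values are constructed assumptions.

```python
from collections import Counter, defaultdict

HALF_OPEN = "SYN-RECV"  # state name that `ss` prints for a half-open connection


def half_open_by_port(table):
    """Map local port -> (half-open count, distinct peer addresses)."""
    counts, peers = Counter(), defaultdict(set)
    for line in table.splitlines():
        fields = line.split()
        # Columns: State Recv-Q Send-Q Local:Port Peer:Port; skip header and short rows
        if len(fields) < 5 or fields[0] != HALF_OPEN:
            continue
        port = fields[3].rsplit(":", 1)[1]   # rsplit keeps bracketed IPv6 literals intact
        peer = fields[4].rsplit(":", 1)[0]
        counts[port] += 1
        peers[port].add(peer)
    return {p: (counts[p], len(peers[p])) for p in counts}


def flag_ports(table, limit, ratio=0.8):
    """Ports whose half-open count reaches ratio * limit (both values are assumptions)."""
    return sorted(p for p, (n, _) in half_open_by_port(table).items()
                  if n >= ratio * limit)


def build_sample():
    """Constructed table: 110 unanswered SYNs on port 80, two on port 22."""
    rows = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port",
            "LISTEN 0 128 0.0.0.0:80 0.0.0.0:*",
            "ESTAB 0 0 192.0.2.10:80 198.51.100.7:51514"]
    rows += [f"SYN-RECV 0 0 192.0.2.10:80 203.0.113.{i}:{40000 + i}"
             for i in range(1, 111)]
    rows += ["SYN-RECV 0 0 192.0.2.10:22 198.51.100.9:50022",
             "SYN-RECV 0 0 [2001:db8::10]:22 [2001:db8::99]:50023"]
    return "\n".join(rows)


if __name__ == "__main__":
    sample = build_sample()
    for port, (n, srcs) in sorted(half_open_by_port(sample).items()):
        print(f"port {port}: {n} half-open from {srcs} distinct peers")
    print("flagged:", flag_ports(sample, limit=128))
```

A high count spread across many distinct peers, each seen only once, is consistent with the spoofed sources the paragraph describes, since none of those peers ever completes the handshake.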


Copyright ©2002-2006 Testbusters.net. All Rights Reserved.
Testbusters.net is not sponsored by, endorsed by, or affiliated with any associated vendor.
Associated vendors include, but are not limited to, Microsoft®, Cisco®, CompTIA®, Novell®, etc.