What’s behind the curtain? Part II
Denial of service (DoS) attack
In this second of a three-part series covering threats to computer security, we focus on attacks that are more specifically directed against a particular person or company.
I will start the discussion with the well known denial of service attack. This attack is characterized as the “kiss of death” for organizations whose business depends on the Internet, such as e-commerce sites, portals, and so forth. It attempts to deny access to specific resources, causing loss of availability for legitimate users of a system. A denial of service attack can cause various types of damage: temporary loss of network connectivity and services, including email; bringing down a website used by many people, which costs the company a great deal of time and money; alteration of files; and consumption of resources, including network bandwidth and CPU time. These are just a few of the ways a denial of service attack can harm a business. The one sure thing is that until you notice it, you won’t know what hit you.
Common forms of denial of service attacks are:
Buffer overflow attacks. In this form of DoS attack the attacker sends more data than the receiving program expects, overflowing its data buffers and causing problems. For example, a buffer overflow attack is mounted when the attacker sends multiple email messages with attachments that have a 256-character file name.
SYN attack. Remember the handshaking process used in TCP? The packets include a SYN field that identifies the sequence of each packet in the exchange that sets up a session between a client and a server. The attacker sends a large number of connection requests and then never responds to the server’s reply. Each pending request sits in the server’s buffer until it times out and is dropped, and this is repeated for every fraudulent request the attacker sends. The effect is that legitimate requests cannot establish a TCP session, because the server is occupied with all the bogus connection requests sent previously.
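To make the mechanism concrete from the server’s side, here is an added simulation (not code from the original article) of a listen queue holding half-open connections: bogus SYNs fill the queue, a legitimate client is turned away while it is full, the stale entries are dropped after the timeout, and the client succeeds on retry. A small reporting function shows the kind of check a defender can run: how full the queue is and which sources own the pending entries. The queue size, the timeout and the IP addresses are constructed for illustration; real operating systems use their own, larger values.

```python
"""Simulation of a TCP listen queue under a SYN flood (added example)."""
from collections import Counter
from dataclasses import dataclass, field

# Assumed parameters, kept small so the effect is visible in a few lines.
BACKLOG_SIZE = 5          # pending (half-open) connections the server will hold
HALF_OPEN_TIMEOUT = 3.0   # seconds before an unanswered SYN-ACK is given up on


@dataclass
class HalfOpen:
    """One connection request that got a SYN-ACK but no final ACK yet."""
    src: str
    created: float


@dataclass
class Backlog:
    """Server-side queue of half-open connections, keyed by (src, sport)."""
    size: int = BACKLOG_SIZE
    timeout: float = HALF_OPEN_TIMEOUT
    entries: dict = field(default_factory=dict)
    rejected: Counter = field(default_factory=Counter)  # dropped SYNs per source

    def expire(self, now):
        """Drop entries whose handshake was never completed within the timeout."""
        stale = [k for k, e in self.entries.items() if now - e.created >= self.timeout]
        for k in stale:
            del self.entries[k]
        return len(stale)

    def syn(self, src, sport, now):
        """A SYN arrives. Returns True if the server can queue it (and send SYN-ACK)."""
        self.expire(now)
        if len(self.entries) >= self.size:
            self.rejected[src] += 1      # queue full: the request is silently dropped
            return False
        self.entries[(src, sport)] = HalfOpen(src, now)
        return True

    def ack(self, src, sport, now):
        """The final ACK arrives. Returns True if it completed a pending handshake."""
        self.expire(now)
        return self.entries.pop((src, sport), None) is not None


def half_open_report(backlog, now, occupancy_alert=0.8):
    """Defender's view: queue occupancy and which sources hold the pending entries."""
    backlog.expire(now)
    by_source = Counter(e.src for e in backlog.entries.values())
    occupancy = len(backlog.entries) / backlog.size
    return {"occupancy": occupancy,
            "by_source": dict(by_source),
            "alert": occupancy >= occupancy_alert}


def run_scenario():
    """Flood, blocked client, timeout, successful retry. Returns (events, backlog, report)."""
    backlog = Backlog()
    flooder, client = "198.51.100.7", "203.0.113.10"   # constructed documentation addresses
    events = {}
    # t=0: the flooder sends BACKLOG_SIZE SYNs and never answers the SYN-ACKs.
    for sport in range(40000, 40000 + BACKLOG_SIZE):
        backlog.syn(flooder, sport, now=0.0)
    # t=0.5: queue is full, so a legitimate SYN is dropped; snapshot what a monitor would see.
    events["client_syn_during_flood"] = backlog.syn(client, 51000, now=0.5)
    report = half_open_report(backlog, now=0.5)
    # t=3.5: the stale entries have timed out, the client's retry is queued and completed.
    events["client_syn_after_timeout"] = backlog.syn(client, 51001, now=3.5)
    events["client_handshake_done"] = backlog.ack(client, 51001, now=3.6)
    return events, backlog, report


if __name__ == "__main__":
    events, backlog, report = run_scenario()
    print("events:", events)
    print("during flood:", report)
    print("rejected SYNs per source:", dict(backlog.rejected))
```

The report taken during the flood shows the queue at 100% occupancy with every pending entry owned by a single source, which is the signature to watch for: a listen queue dominated by handshakes that never complete, rather than a high overall connection rate.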
A DoS attack can also be organized to use several hundred to several thousand compromised hosts, causing severe damage to the target company. In this form it is known as a Distributed Denial of Service (DDoS) attack. Attackers have been known to use the following four programs to launch DDoS attacks: Trinoo, TFN, TFN2K and Stacheldraht. They install one of these tools on the compromised machines and then direct an attack at a single target; the flood of incoming messages essentially forces the target system to shut down, thereby denying legitimate users access to it.
As you can see, preventing DoS attacks is critical for every organization that uses the Internet to do business.