
Denial-of-Service (DoS) Attack

A Denial-of-Service (DoS) attack shuts down a machine or a network to make it inaccessible to its intended users. This presentation describes this kind of cyberattack and its types, to raise awareness of the threat that it poses to web servers and applications.

htshosting

Presentation Transcript


  1. Denial-of-Service (DoS) Attack

  2. Table of Contents
     • A Denial-of-Service (DoS) Attack
     • Web Servers
     • Types of DoS Attacks
     • More Information on Types of DoS Attacks
     • More Information on Types of DoS Attacks (UDP Attacks)
     • More Information on Types of DoS Attacks (ICMP Attacks)
     • More Information on Types of DoS Attacks (Ping of Death)
     • More Information on Types of DoS Attacks (Slowloris)
     • More Information on Types of DoS Attacks (NTP Amplification)
     • More Information on Types of DoS Attacks (HTTP Flood)
     • Conclusion

  3. A Denial-of-Service (DoS) Attack
     • This type of cyberattack aims to shut down a machine or a network so that it becomes inaccessible to its intended users. It does so either by flooding the target with traffic or by sending it information that triggers a crash. In either case, a DoS attack ensures that the legitimate users (i.e. employees, account holders or members) of a service or resource can no longer access it. Such an attack makes online services unavailable to the end user by either suspending the servers or interrupting their services.
     • This kind of attack is usually aimed at the web servers of high-profile organizations in the banking or commercial sector, as well as media agencies, government organizations and trade organizations. A DoS attack might not lead to any loss or theft of significant information, but it is harmful because the victim can lose a significant amount of time and money resolving it.

  4. Web Servers
     • Any discussion of a DoS attack, or of any other cyberattack, requires a basic understanding of web servers. A web server stores and makes available all the files that are needed to make a website and its web pages accessible over the Internet. Web hosting companies offer various plans to lease these web servers. These companies provide the technology, along with server space and other related services, to ensure that these websites remain consistently accessible. One might come across terms such as “Windows Hosting”, “Cloud Hosting” and “Web Hosting”, which all refer to hosting services.

  5. Types of DoS Attacks
     DoS attacks can be of different types, which are listed below in no particular order.
     • UDP attacks
     • HTTP flood
     • ICMP attacks
     • Protocol attacks
     • Volume-based attacks
     • Application-layer attacks
     • Ping of death
     • Slowloris
     • NTP amplification

  6. More Information on Types of DoS Attacks
     Three of the above-mentioned types of DoS attacks are touched upon briefly here.
     • DoS attacks based on the protocol: The goal is to consume the resources of the servers themselves or of components used for intermediate communication, such as load balancers and firewalls. The attack rate is measured in packets per second. Ping of Death, SYN floods, Smurf denial of service and fragmented packet attacks are examples of this type of attack.
     • DoS attacks based on volume: This attack aims to saturate the bandwidth of the affected site. Its magnitude is measured in bits per second. This type of attack includes spoofed-packet floods, ICMP floods and UDP floods.
     • DoS attacks on the application layer: This type of attack is meant to make the web server break down. It is measured in requests per second and has specific targets such as Apache, OpenBSD and Windows. Examples of this type of attack are GET/POST floods and Low-and-Slow attacks.

  7. More Information on Types of DoS Attacks (UDP Attacks) UDP flood attacks target and flood random ports on the remote host. For each incoming packet, the host checks for an application listening on that port. When none is found, it replies with an ICMP Destination Unreachable message. This consumes host resources and results in inaccessibility of services. As the name indicates, the attack hits the host with User Datagram Protocol (UDP) packets.

  8. More Information on Types of DoS Attacks (ICMP Attacks) An Internet Control Message Protocol (ICMP) attack consumes both incoming and outgoing bandwidth. This happens because the affected servers repeatedly attempt to respond with ICMP echo reply packets. This results in either a shutdown or a slowdown of the entire system. It is similar to a UDP attack, but it hits the target with ICMP echo request packets, which are sent at a high transmission rate without waiting for any reply. In it, an attacker attempts to overwhelm a targeted device with ICMP echo requests (pings). In normal circumstances, ICMP echo-request and echo-reply messages are used to ping a network device. This is done to diagnose the health and connectivity of the device as well as the connection between the sender and the device. When the target is flooded with request packets, the network is forced to respond with an equal number of reply packets. This results in the target becoming inaccessible to normal traffic. Other types of ICMP request attacks involve custom tools or code.

  9. More Information on Types of DoS Attacks (Ping of Death) In this type of attack, malformed or malicious pings are continuously transmitted to the server. The maximum length of an IP packet, including the header, is 65535 bytes. The data link layer has a maximum frame size of 1500 bytes over Ethernet. In this scenario, a large IP packet is split across multiple IP fragments, and the receiving host reassembles the fragments into the complete IP packet. The malware manipulates the fragment data, so that the packet, when reassembled by the recipient, is larger than 65535 bytes. This can overflow the memory space that was allocated for the packet. Hence, it results in denial of service even for packets that are real and legitimate.
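
The size check a receiver can apply to each fragment before reassembly, as an added example that is not part of the original presentation. The header builder, addresses and sample values are constructed for illustration; nothing is sent on the network.

```python
import struct

MAX_IP_PACKET = 65535  # maximum IPv4 packet length in bytes, header included


def build_header(total_len, offset_units, more_fragments):
    """Constructed test input: a 20-byte IPv4 header (checksum left at 0)."""
    flags_frag = (0x2000 if more_fragments else 0) | (offset_units & 0x1FFF)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))


def reassembled_size(header):
    """Smallest size the reassembled packet must have for this fragment to fit."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        raise ValueError("not a consistent IPv4 header")
    offset = (flags_frag & 0x1FFF) * 8       # the offset field counts 8-byte units
    return ihl + offset + (total_len - ihl)  # header + data up to this fragment's end


def exceeds_ip_limit(header):
    """True when accepting this fragment would push reassembly past 65535 bytes."""
    return reassembled_size(header) > MAX_IP_PACKET


if __name__ == "__main__":
    samples = {
        "second fragment of a 2980-byte packet": build_header(1500, 185, False),
        "last fragment ending exactly at 65535": build_header(23, 8189, False),
        "fragment placed past the limit": build_header(1500, 8189, False),
    }
    for label, hdr in samples.items():
        print(f"{label}: size={reassembled_size(hdr)} drop={exceeds_ip_limit(hdr)}")
```

The point of the check is that every individual fragment fits in an Ethernet frame; only the offset plus length reveals that the reassembled packet cannot be legal.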

  10. More Information on Types of DoS Attacks (Slowloris) It is a type of DoS attack in which a single machine can take down the web server of another machine. It does so with minimal bandwidth and minimal side effects on unrelated services and ports. This type of attack tries to keep several connections to the target web server open for as long as possible. It achieves this by opening connections and sending a partial request to the target web server. It then periodically sends further HTTP headers, which add to the request but never complete it. The affected servers keep these connections open, which fills their pool of concurrent connections to the maximum level. This eventually results in additional connection attempts from clients being denied and causes a slowdown of the entire system.
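
Server-side detection for the behaviour described on this slide, as an added example that is not part of the original presentation. The connection snapshot, addresses and thresholds are assumptions constructed for illustration. It shows why an idle timeout alone misses connections that keep trickling headers, while a deadline for completing the headers catches them.

```python
from collections import Counter
from typing import NamedTuple


class Conn(NamedTuple):
    client: str          # peer IP address
    age_s: float         # seconds since the connection was accepted
    idle_s: float        # seconds since the last byte arrived
    headers_done: bool   # True once the blank line ending the headers was seen


# Assumed thresholds for this example; tune them to the server's real traffic.
IDLE_TIMEOUT_S = 15
HEADER_DEADLINE_S = 20
MAX_PENDING_PER_CLIENT = 5

# Constructed snapshot of a 10-slot connection pool.
SNAPSHOT = (
    [Conn("203.0.113.9", 120.0 + i, 4.0, False) for i in range(8)]  # trickling headers
    + [Conn("198.51.100.20", 300.0, 2.0, True),   # long download, headers complete
       Conn("198.51.100.21", 3.0, 1.0, False)]    # slow but ordinary client
)


def idle_timeout_hits(conns, idle_s=IDLE_TIMEOUT_S):
    """Connections that an idle timeout alone would close."""
    return [c for c in conns if c.idle_s > idle_s]


def header_deadline_hits(conns, deadline_s=HEADER_DEADLINE_S):
    """Connections whose request headers are still incomplete past the deadline."""
    return [c for c in conns if not c.headers_done and c.age_s > deadline_s]


def suspects(conns, limit=MAX_PENDING_PER_CLIENT):
    """Clients holding more than `limit` overdue, header-incomplete connections."""
    counts = Counter(c.client for c in header_deadline_hits(conns))
    return {ip: n for ip, n in counts.items() if n > limit}


def pool_share(conns, pool_size):
    """Fraction of the connection pool tied up by overdue partial requests."""
    return len(header_deadline_hits(conns)) / pool_size
```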

  12. More Information on Types of DoS Attacks (NTP Amplification) In it, the attacker exploits publicly accessible Network Time Protocol (NTP) servers to overwhelm the targeted server with User Datagram Protocol (UDP) traffic. NTP is one of the oldest network protocols. This type of attack is essentially a reflection attack. A reflection attack involves obtaining a response from a server to a spoofed IP address. In an NTP Amplification attack, the attacker sends a packet that has a forged IP address, which is that of the victim. The server then replies to this address. When reflection attacks are amplified, as in this case, they can be very dangerous, because the server response is not at all proportionate to the original packet request that was sent. In this kind of attack, the query-to-response ratio lies between 20:1 and 200:1 or even more, which ensures that any attacker who has a list of open NTP servers can easily produce a disastrously high-bandwidth, high-volume attack.
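
Two monitoring checks that follow from this slide, as an added example that is not part of the original presentation: an NTP server operator measuring the response-to-request byte ratio per client, and a victim spotting NTP replies from servers it never queried. The flow records, addresses and byte counts are constructed for illustration.

```python
from collections import defaultdict

NTP_PORT = 123
RATIO_ALERT = 20.0  # lower end of the 20:1 to 200:1 range quoted on the slide

SERVER = "192.0.2.53"   # constructed address of the monitored NTP server
VICTIM = "203.0.113.77"  # constructed address of the spoofed host
# Constructed flow records: (src, sport, dst, dport, bytes)
SERVER_FLOWS = [
    ("198.51.100.10", 40001, SERVER, NTP_PORT, 48),  # ordinary time query
    (SERVER, NTP_PORT, "198.51.100.10", 40001, 48),  # ordinary reply, ratio 1:1
    (VICTIM, 50000, SERVER, NTP_PORT, 48),           # query with forged source
    (SERVER, NTP_PORT, VICTIM, 50000, 4800),         # disproportionate reply
]
VICTIM_FLOWS = [
    (VICTIM, 41000, "192.0.2.1", NTP_PORT, 48),      # victim's own time query
    ("192.0.2.1", NTP_PORT, VICTIM, 41000, 48),      # solicited reply
    ("192.0.2.53", NTP_PORT, VICTIM, 50000, 4800),   # never requested
    ("192.0.2.54", NTP_PORT, VICTIM, 50001, 4800),   # never requested
]


def amplification_by_client(flows, server):
    """Response-to-request byte ratio per client, as seen at an NTP server."""
    req, resp = defaultdict(int), defaultdict(int)
    for src, sport, dst, dport, nbytes in flows:
        if dst == server and dport == NTP_PORT:
            req[src] += nbytes
        elif src == server and sport == NTP_PORT:
            resp[dst] += nbytes
    return {c: resp[c] / req[c] for c in req if req[c]}


def reflection_targets(flows, server, threshold=RATIO_ALERT):
    """Addresses whose ratio suggests the server is being used as a reflector."""
    ratios = amplification_by_client(flows, server)
    return sorted(c for c, r in ratios.items() if r >= threshold)


def unsolicited_ntp_bytes(flows, host):
    """Bytes of NTP replies reaching `host` from servers it never queried."""
    queried = {dst for src, _sp, dst, dport, _n in flows
               if src == host and dport == NTP_PORT}
    totals = defaultdict(int)
    for src, sport, dst, _dp, nbytes in flows:
        if dst == host and sport == NTP_PORT and src not in queried:
            totals[src] += nbytes
    return dict(totals)
```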

  13. More Information on Types of DoS Attacks (HTTP Flood) HTTP flooding attacks are specifically designed for their particular target. This makes it much harder to uncover and block these. Since these attacks make use of standard URL requests, HTTP flooding attacks are almost indistinguishable from authentic traffic. In this kind of an attack, seemingly legitimate HTTP GET or POST requests are utilized to attack a web server or even a web application. In comparison to other types of attacks, it consumes minimum bandwidth to slow down its target web server or application.

  14. Conclusion The information provided here makes it evident how a Denial-of-Service (DoS) attack can pose a threat to web servers as well as applications. Hence, it is extremely crucial to take proper steps to make sure that every safety measure is implemented to avert such an attack or minimize its chances of occurring.

  15. Thanks! ANY QUESTIONS? You can find me at: www.htshosting.org www.htshosting.org/best-web-hosting-company-India www.htshosting.org/best-windows-hosting www.htshosting.org/best-cloud-hosting-company support@htshosting.org
