DDoS Attack

From ICANNWiki
Revision as of 04:29, 14 September 2011 by Marie Cabural (talk | contribs)
Jump to navigation Jump to search

UnderConstruction.png


DDoS is the acronym for Distributed Denial of Service. The Software Engineering Institute- CERT at Carnegie Mellon University explained that the telephone system, computer system and the Domain Name System (DNS) sometimes become unusable during peak hours where consumers are having a hard time using the service or when an intruder or hacker interrupts the system making it unavaible to consumers. When a hacker sends a very large amount of email to someone which can not be handled by the recipients computer disk that saves e-mails, a Denial of Service (DoS) attack happens because the user can not use his or her computer until the situation is resolved. In terms of computer network, intruders send extraordinary amount of internet calls to computers providing internet servicse preventing users to get internet connection. Users whose networks are unable to use the internet because of intrusion become victims of Distributed Denial Of Service attack.[1]]

Frequent Targets of Intruder Attacks

According to the CERT report, "Trends in Denial Service Attack Technology" the frequent targets of intruder activity are Windows end-users and Internet Routing Technology. Intruders primary intention in conducting DoS attack is to prevent the use of computer or network resources.

Reasons Why Internet is Vulnerable to Attacks

Internet connected systems are still vulnerable to DoS attacks despite active security efforts is because of the following reasons:[2]

  • Internet is composed of limited and consumable resources
  • Internet security is highly interdependent

Packet Flooding Attack

Packet Flooding Attack is the most common type of Denial of Service Attack.The modus operandi of intruders is sending more than acceptable number of packets to a particular destination which consumes the entire bandwidth resources. There are several types of packets used by Packet Flooding Attack tools including:

  • TCP Floods- SYN, ACK and RST flags are sent to the victim's IP Address
  • ICMP echo request reply (Ping Floods)- A stream of ICMP is sent to the victim's IP Address
  • UDP Floods- A stream of UDP is sent to the victim's IP Address

These attack tools changes the characteristics of packets in the packet stream such as the Source IP Address to hide the real source of the packet stream. The method of sending packet streams to one or more intermediate sites to create responses that will be sent to a victim is called IP Spoofing.[3] Other packet stream attribute being altered by intruders are the Source/Destination Ports and Other IP Header Values'.

References

  1. What is a Distributed Denial of Service (DDoS) Attack and What Can I Do About It?
  2. Trends in Denial Service Attack Technology
  3. Spoofing


Retrieved from "https://icannwiki.org/index.php?title=DDoS_Attack&oldid=41993"