Presentation is loading. Please wait.

Presentation is loading. Please wait.

DENIAL OF SERVICE ATTACK

Published byAdrian Boyd Modified over 8 years ago

Similar presentations

Presentation on theme: "DENIAL OF SERVICE ATTACK"— Presentation transcript:

1 DENIAL OF SERVICE ATTACK
YVONNE M. AKUTSA BEHROKH MOHEB

2 Objectives What is denial of service?
What is distributed denial of service? Common forms of attack Modes of attack Consequences of attack Real example of attack Sign of attack Prevention Ethic on Denial of Service attack

3 WHAT IS DENIAL OF SERVICE ATTACK?
Denial-of-service attack, is a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic.  DoS attack, denial-of-service attack, is an explicit attempt to make a computer resource unavailable by either injecting a computer virus or flooding the network with useless traffic.

4 WHAT IS DENIAL OF SERVICE ATTACK? cont’
Its aim is to prevent legitimate users by: Attempting to flood a network To disrupt connections between computers Prevent certain individuals from accessing a service Disrupt service to a specific system or person

5 Common forms of Attack SYN Floods Ping of death Smurf Attack
Teardrop Attack Mail Bomb Ping of flood

6 SYN Floods It takes advantage of the flaw of TCP three-way handshaking behavior. Sends many requests to the connection. Do not response to replies. The SYN flood attack sends TCP connections requests faster than a machine can process them

7 Ping of death Is a denial of service (DoS) attack caused by an attacker deliberately sending an IP packet larger than the bytes allowed by the IP protocol.  Since the received ICMP(Internet Control Message Protocol) echo request packet is bigger than the normal IP packet size, the victim cannot reassemble the packets. The OS may be crashed or rebooted as a result.

8 Smurf Attack A smurf attack occurs when an attacker sends a large amount of IP packets to the broadcast address of an intermediate network with spoofed IP addresses as the origin.  This cause all hosts on the network to reply to the ICMP request, causing significant traffic to the victim's computer.

9 Teardrop Attack Divides large files into fragments.
An attacker sends two fragments that cannot be reassembled properly by manipulating the offset value of packet and cause reboot or halt of victim system. Teardrop exploits an overlapping IP fragment bug present in Windows 95, Windows NT and Windows 3.1 machines. 

10 Mail Bomb bombing is characterized by abusers repeatedly sending an message to a particular address at a specific victim site. In many instances, the messages will be large and constructed from meaningless data in an effort to consume additional system and network resources

11 Ping of flood  Attacker simply sends a huge number of "ICMP Echo Requests(ping)" to the victim. It sends ICMP packets as fast as possible without waiting for replies. The continuing combination of requests and replies can slow the network or, in extreme cases, to disconnect. This is an easy attack because many ping utilities support this operation, and the hacker doesn't need much knowledge.

12 What does the DoS attack?
NETWORK BANDWITH SERVER MEMORY CPU USAGE DATABASE CONNECTION POOL DATABASE SPACE HARD DISK SPACE

13 What is Distributed Denial of Service?
DDOS, short for Distributed Denial of Service, is a type of DOS attack where multiple compromised systems , which are usually infected with a Trojan -- are used to target a single system causing a Denial of Service (DoS) attack.  DDoS = when multiple hosts attack simultaneously DoS = when a single host attacks.

14 MODES OF ATTACK Consumption of scarce, limited or non renewable resources Destruction or alteration of configuration information Physical destruction or alteration of network components

15 CONSEQUENCES OF ATTACKS
BRAND DAMAGE FINANCIAL LOSSES SABORTAGE EXTORTION REPEAT ATTACK IF NOT WELL PROTECTED

16 Examples of Attack Schwab Website Again Hit With Denial of Service Attack ( chwab-website-again-hit-with-denial-of-service- attack/ ) Spamhaus hit by biggest-ever DDoS attacks ( 8/Update_Spamhaus_hit_by_biggest_ever_DDoS _attacks)

17 SIGNS OF AN ATTACK Unusually slow network
Certain websites become slower to open or unavailable. A high increase in the amount of spam received. Disconnection of a wireless or wired internet connection

18 PREVENTION OF ATTACK Businesses Firewall and Router configuration
Block unnecessary ports Filter broadcast messages Verify source IP address (prevent IP spoofing across subnets) Install DDoS protection equipment or services Monitor traffic under normal circumstances and detect anomalies

19 Cont’ Apply latest patches to servers and PCs, Use Antivirus software
Maintain a redundant environment (hot swap server) End Users Use a home firewall/router Apply latest updates for operating system Use Antivirus software Use caution when opening attachments or clicking on links

20 ETHICS IN DOS ATTACK A Denial of Service Attack is unethical. This is because it is an invasion of someone’s space and with others the destruction of property which denies them the right to use what rightfully belongs to them as a legitimate owner.

21 CONCLUSION Denial of service attacks have now become common forms of protests online for many groups that feel unfairly treated or have prejudices against companies.

22 References http://www.iplocation.net/tools/denial-of-service.php
ml P/SYN_flood/default.htm death ing.html

Download ppt "DENIAL OF SERVICE ATTACK"

Similar presentations

Denial of Service Attack History What is a Denial of Service Attack? Modes of Attack Performing a Denial of Service Attack Distributed Denial of Service.

Denial of Service Attack History What is a Denial of Service Attack? Modes of Attack Performing a Denial of Service Attack Distributed Denial of Service.
Denial of Service By: Samarth Shah and Navin Soni.

Denial of Service By: Samarth Shah and Navin Soni.
NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.

NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
CSE331: Introduction to Networks and Security Lecture 35 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 35 Fall 2002.
1/42 Arab Academy for Banking &Financial Sciences Faculty of Information Systems & Technology - Department of CIS Information System Security Ph.D Prepared.

1/42 Arab Academy for Banking &Financial Sciences Faculty of Information Systems & Technology - Department of CIS Information System Security Ph.D Prepared.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
SYN Flooding: A Denial of Service Attack Shivani Hashia CS265.

SYN Flooding: A Denial of Service Attack Shivani Hashia CS265.
Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA © Abdou Illia.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.
Lance West.  Just what is a Denial of Service (DoS) attack, and just how can it be used to attack a network.  A DoS attack involves exploiting operating.

Lance West.  Just what is a Denial of Service (DoS) attack, and just how can it be used to attack a network.  A DoS attack involves exploiting operating.
Denial of Service attacks. Types of DoS attacks Bandwidth consumption attackers have more bandwidth than victim, e.g T3 (45Mpbs) attacks T1 (1.544 Mbps).

Denial of Service attacks. Types of DoS attacks Bandwidth consumption attackers have more bandwidth than victim, e.g T3 (45Mpbs) attacks T1 (1.544 Mbps).
Game-based Analysis of Denial-of- Service Prevention Protocols Ajay Mahimkar Class Project: CS 395T.

Game-based Analysis of Denial-of- Service Prevention Protocols Ajay Mahimkar Class Project: CS 395T.
Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,

Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,
DDoS Attack and Its Defense1 CSE 5473: Network Security Prof. Dong Xuan.

DDoS Attack and Its Defense1 CSE 5473: Network Security Prof. Dong Xuan.

Similar presentations

Ads by Google