Types Of DoS Attacks

In the last post we discussed basics of denial of service attacks. I hope that was easy and clear if you haven’t read it I urge you to read it first then this post.

Click here to read Denial of Service (DoS) Attacks The Basics

In this section we are going to cover different ways that can be used to carry out denial of service attacks. Note that no matter what kind of DoS attacker selects his/her motives remain same i.e bandwidth consumption, disrupting network connectivity or the destruction of configuration information.

1.Smurf DoS or Ping Flood:
In this type of attack an attacker sends large number of ICMP echo (ping) to IP broadcast address and all the packets he/she sends have spoofed IP addresses. If the victim accepts IP broadcast request packets, then it will take ICMP request and reply thus multiplying the traffic by number of hosts resulting bandwidth consumption. Modes of attack used are bandwidth consumption and network connectivity.

2.Fraggle DoS Attack:
It is same as Smurf DoS attack but instead of ICMP packets it uses UDP echo requests. Modes of attack used are bandwidth consumption and network connectivity.

3.Buffer Overflow Attack:
Most commonly used DoS attack, can be performed locally or remotely. Most commonly used attack method is using a vulnerable application or program. Result of compromise on security of network. Common modes of attacks are misuse of internal resources and altering configuration.

4.Ping Of Death:
In this type of attack an attacker deliberately sends an ICMP echo packet of more than 65536 bytes. IP packet with size of 65536 bytes is oversized packet for TCP/IP stack. Many OS don’t know how to response to such huge packet resulting in freezing or crashing down. Attack mode can be classified as altering of configuration and misuse of resources.

5.Teardrop Attack:
This attack takes advantage of fragmentation of IP packets during transmission. A large packet is chopped in pieces for easy transmission with each having sequence number in offset so that when all chucks get received they can be easily combined. In tear drop attack an attacker manipulates the offset value of the second or later fragment to overlap with previous or next one. This attack may cause hang and crash of system. Mode of attack is altering configuration.

6.SYN Half Open and SYN Flood:.
In SYN half open attack attacker exploits weakness in TCP three way handshake method and sends only SYN packet with spoofed IP and thus the target waits for opened connection to completed and since IP is spoofed there remains hardly any chance that connected will be completed. This results in non-availability of resources builds overload on system and it crashes down.
In SYN flood attack attacker sends thousands of SYN packets to victim with huge frequency than it can handle resulting in denial of further requests. Both can be categorized under attacks against consumption of network resources and altering configuration.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s