What is a DoS attacks?

Added on -2019-09-25

| 4 pages
| 834 words

Trusted by 2+ million users,
1000+ happy students everyday

Showing pages 1 to 2 of 4 pages

What is a DoS attacks? DDoS? What are the differences between DoS and DDoS? Explainthe difference between attacks that consume network resources vs consuming server resources (e.g. RAM, CPU). Use the examples of TCP SYN flooding and ICMP (Ping) flooding attacks in your explanation.A denial of service (DoS) attack is an action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as CPU, memory, bandwidth and disk space (Ambrosin, 2015).A distributeddenial-of-service(DDoS)attackoccurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such anattackis often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.Attacks that consume network resources TCP SYN Flooding Attack can be used to consume network resources where Attacker sends TCP SYN segments to target, Source address spoofing is used on TCP SYN segments; no ACKs from client, Target becomes overloaded processing SYNs and storing connection information in memory (Bogdanoski, 2016). This way it would not be able toaccept any other connection and will start dropping the connections.Consuming server resourcesAttacker has access to high capacity link and Target’s connection to Internet is lower capacity. Attacker uses ping to send many ICMP requests to target server Link from ISP to router is overloaded; router drops (valid) packets.
Q. Draw a network diagram that illustrates a typical (but simplified) DDoS attack involving: attacker, zombies or bots, (command and) control servers and target. Explain your diagram, including what is the role of zombies/bots and control servers.The attacker gives some malicious software to some computers on the internet. The attacker takes control of computers on internet we call them zombies, where collection of zombies is referred to as botnets. The attacker needs to sends control messages to the zombies using the control servers to tell them to start their attack.So the zombie will start pinging many computers on the internet and the computers that would reply would be flooded by the request (Chen, 2013).Describe an example of a recent DDoS attack, including who was targeted, what amountof resources were consumed (e.g. how many Gb/s), when was the attack, and the likely perpetratorsA recent set of publicised DDoS attacks made use of the Network Time Protocol. NTP is used for computers to synchronise their clocks with more accurate time servers. There are many publictime servers. The attack took advantage of the fact that older versions of NTP servers allowed a client to send a request for a list of monitoring data the server records. The list stores records of up to 600 different hosts that have communicated recently with the time server (Liu, 2013). This allowed a malicious node to send a small request to a NTP server, which then responds with a very large response. With source address spoofing, and lots of NTP servers to use, this makes for a very effective DDoS attack.

Found this document preview useful?

You are reading a preview
Upload your documents to download
Become a Desklib member to get accesss

Students who viewed this