
Understanding DoS and DDoS Attacks


Added on  2019-09-25

About This Document

This article explains the differences between DoS and DDoS attacks, and how they consume network and server resources. It also includes a network diagram of a typical DDoS attack and an example of a recent DDoS attack. Finally, it suggests two methods for detecting, preventing, and mitigating DDoS attacks.

What is a DoS attack? DDoS? What are the differences between DoS and DDoS? Explain the difference between attacks that consume network resources vs consuming server resources (e.g. RAM, CPU). Use the examples of TCP SYN flooding and ICMP (Ping) flooding attacks in your explanation.

A denial of service (DoS) attack is an action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as CPU, memory, bandwidth and disk space (Ambrosin, 2015).

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

Attacks that consume network resources

A TCP SYN flooding attack can be used to consume network resources: the attacker sends TCP SYN segments to the target, source address spoofing is used on the TCP SYN segments so no ACKs come from the client, and the target becomes overloaded processing SYNs and storing connection information in memory (Bogdanoski, 2016). As a result it cannot accept any other connections and starts dropping them.

Consuming server resources

The attacker has access to a high-capacity link and the target's connection to the Internet is lower capacity. The attacker uses ping to send many ICMP requests to the target server. The link from the ISP to the router is overloaded, and the router drops (valid) packets.
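The connection state that SYN flooding leaves on the target, as described above, is something a defender can count. The following is an added example, not part of the original document: a Python detector that tracks handshakes which never receive the final ACK. The function names, threshold, timeout, addresses and traffic are constructed assumptions, and it simplifies by looking at client-to-server packets only.

```python
from collections import defaultdict

def detect_syn_flood(packets, max_half_open=20, timeout_s=30.0):
    """Return {(dst_ip, dst_port): peak half-open count} for flagged listeners.

    packets: iterable of (time_s, src_ip, src_port, dst_ip, dst_port, flags)
    in time order, client-to-server direction only; flags is "S" or "A".
    """
    pending = defaultdict(dict)   # listener -> {(src_ip, src_port): syn_time}
    peak = defaultdict(int)
    for t, src, sport, dst, dport, flags in packets:
        listener, client = (dst, dport), (src, sport)
        half_open = pending[listener]
        # Age out entries the way a server's SYN-RECEIVED timer would.
        for c in [c for c, t0 in half_open.items() if t - t0 > timeout_s]:
            del half_open[c]
        if flags == "S":
            half_open.setdefault(client, t)   # a retransmitted SYN is counted once
        elif flags == "A":
            half_open.pop(client, None)       # final ACK completes the handshake
        peak[listener] = max(peak[listener], len(half_open))
    return {l: n for l, n in peak.items() if n > max_half_open}

def build_sample():
    """Constructed traffic: 5 normal clients, then 200 spoofed SYNs with no ACK."""
    pkts = []
    for i in range(5):    # legitimate clients complete the handshake in 50 ms
        src = f"198.51.100.{i + 1}"
        pkts.append((i * 1.0, src, 40000 + i, "192.0.2.10", 443, "S"))
        pkts.append((i * 1.0 + 0.05, src, 40000 + i, "192.0.2.10", 443, "A"))
    for i in range(200):  # spoofed sources never answer the SYN-ACK
        src = f"203.0.113.{i % 250 + 1}"
        pkts.append((10 + i * 0.01, src, 1024 + i, "192.0.2.10", 80, "S"))
    return sorted(pkts)

if __name__ == "__main__":
    for listener, count in detect_syn_flood(build_sample()).items():
        print(f"possible SYN flood against {listener}: {count} half-open")
```

Only the listener whose SYNs are never acknowledged is flagged; the clients that complete the handshake never leave more than one pending entry.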
Q. Draw a network diagram that illustrates a typical (but simplified) DDoS attack involving: attacker, zombies or bots, (command and) control servers and target. Explain your diagram, including what is the role of zombies/bots and control servers.

The attacker distributes malicious software to some computers on the Internet and takes control of them. We call these computers zombies, and a collection of zombies is referred to as a botnet. The attacker sends control messages to the zombies through the control servers to tell them to start their attack. The zombies then start pinging many computers on the Internet, and the computers that reply are flooded by the requests (Chen, 2013).

Describe an example of a recent DDoS attack, including who was targeted, what amount of resources were consumed (e.g. how many Gb/s), when was the attack, and the likely perpetrators.

A recent set of publicised DDoS attacks made use of the Network Time Protocol (NTP). NTP is used by computers to synchronise their clocks with more accurate time servers. There are many public time servers. The attack took advantage of the fact that older versions of NTP servers allowed a client to send a request for a list of monitoring data the server records. The list stores records of up to 600 different hosts that have communicated recently with the time server (Liu, 2013). This allowed a malicious node to send a small request to an NTP server, which then responds with a very large response. With source address spoofing, and lots of NTP servers to use, this makes for a very effective DDoS attack.