(DOS) Attack

Download Report

Transcript (DOS) Attack 

HIGHER COMPUTER NETWORKING
Lesson 13 Denial of Service Attacks
Description of the denial of service attack:
effect: disruption or denial of services to legitimate users
costs of attack: system downtime, lost revenue and labour
involved in identifying and reacting to an attack
intent: malicious, personal or political
types of attacks: bandwidth consumption, resource
starvation, programming flaws and routing and DNS attacks
McLean 2006
1
HIGHER COMPUTER NETWORKING
What You Should Know About DOS Attacks
Denial of Service (DOS) Attack
A DOS attack is an Active attack which disrupts and denies
the services provided by a network to legitimate users.
Costs
Can be vast due to system downtime resulting in lost revenue
and the labour required to identify and react to an attack.
Motives
DOS attacks can be launched for either malicious, personal or
political intent.
McLean 2006
2
HIGHER COMPUTER NETWORKING
What You Should Know About DOS Attacks
Types Of DOS Attacks
Attacking routers – corrupted ICMP (Ping) packets divert routers
from their normal function and so overloading.
Bandwidth Consumption – flooding the network with useless
data disabling or crashing a server e.g. e-mail, web. Examples
include worms, smurf etc.
Resource Starvation – using up a network resource so that
legitimate users can’t access it e.g. corrupted packets held in a
buffer that can’t be processed
Programming Flaws – exploiting bugs in network OS or server
software to cause the network servers to crash e.g. PING of
Death.
McLean 2006
3
HIGHER COMPUTER NETWORKING
What You Should Know About DOS Attacks
Types Of DOS Attacks
DNS Attacks – a large number of DNS queries sent to a DNS
server with ‘spoofed’ IP address. DNS tries to locate fake IP so
bandwidth congested and consumed - can even crash DNS
server.
McLean 2006
4
HIGHER COMPUTER NETWORKING
What You Should Know About DOS Attacks
Activity
Using the Internet identify a ‘real-life’ example of each of the
following:
1. PING of Death
2. Bandwidth consumption
3. DNS attack
For each, make a brief note in your jotter.
Remember that these could be useful for providing examples in
exam questions!
McLean 2006
5