The Be Sure Blog

Distributed Denial of Service Attacks

posted on 8.1.2023 by Below Surface in "Cyber Security"

“Denial-of-Service” (DoS) and “Distributed” DoS (DDoS) attacks aim to overwhelm the capacity of a system or network. The attacked service cannot cope with the type or volume of requests and is unable to operate normally. Attackers may do this to extort money from the victim, to benefit from the downtime of the service, or maybe just for fun. Another purpose can be to take a system offline for a while in order to launch a follow-up attack on it. One common example of this combination of attacks is DoS/DDoS with “Session Hijacking”. The duration of an attack varies, with some lasting more than a month.

This post covers five different DoS/DDoS attacks:

  1. TCP SYN flood
  2. Teardrop
  3. Smurf
  4. Ping-of-Death
  5. Botnets

 

1. TCP SYN flood attack

The attacker exploits the buffer space used during the Transmission Control Protocol (TCP) session initialization handshake. The system’s small in-process queue is flooded with connection requests, but the attacker purposely does not respond when the system replies to those requests. The target system times out while waiting for each response, and once the connection queue fills up the system crashes or becomes unusable.

Solution:

2. Teardrop Attack

This attack causes the length and fragmentation offset fields in sequential Internet Protocol (IP) packets to overlap one another on the attacked host. The attacked system fails to reconstruct the packets and crashes.

Solution:

3. Smurf Attack

IP spoofing and ICMP are used to saturate the target network with traffic. ICMP echo requests are sent to broadcast IP addresses, with the victim's address spoofed as their source. For instance, if the intended victim address is 10.0.0.10, the attacker would spoof an ICMP echo request from 10.0.0.10 to the broadcast address 10.255.255.255. This request would go to all IPs in the range, with all the responses going back to 10.0.0.10, thus overwhelming the network.

Solution:

4. Ping of death attack

IP packets are used to ping a target system with an IP size over the maximum of 65535 bytes. Packets of this size are not allowed, so the attacker fragments the IP packet. Once the target system reassembles the packet, it may experience buffer overflows and other types of crashes.
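The Teardrop and Ping-of-Death descriptions above both come down to fragment offset and length values that a reassembler should reject before copying any data. The following Python check is an added example, not code from the original post; the function name `check_fragments`, the tuple layout and the sample fragment values are assumptions constructed for illustration.

```python
# Added example: sanity checks for the fragments of ONE IPv4 datagram
# (same source, destination, protocol and IP ID). Names are hypothetical.

MAX_IP_DATAGRAM = 65535  # largest total length an IPv4 packet may have


def check_fragments(fragments, header_len=20):
    """fragments: iterable of (offset_units, payload_len) tuples.

    offset_units is the raw 13-bit fragment offset field (units of 8 bytes),
    payload_len is the number of data bytes carried by that fragment.
    Returns a sorted list of findings; an empty list means nothing suspicious.
    """
    findings = set()
    spans = set()  # a set, so exact duplicates (retransmissions) are tolerated
    for offset_units, payload_len in fragments:
        start = offset_units * 8
        end = start + payload_len
        # Ping-of-Death pattern: the reassembled packet would exceed 65535 bytes.
        if header_len + end > MAX_IP_DATAGRAM:
            findings.add("oversize")
        spans.add((start, end))

    # Teardrop pattern: a fragment starts inside data that is already covered.
    covered = 0
    for start, end in sorted(spans):
        if start < covered:
            findings.add("overlap")
        covered = max(covered, end)
    return sorted(findings)


# Constructed sample inputs (not captured traffic).
NORMAL = [(0, 1480), (185, 1480), (370, 1040)]   # contiguous 4000-byte payload
OVERLAPPING = [(0, 36), (3, 4)]                   # second starts at byte 24 of 36
OVERSIZE = [(0, 1480), (8189, 1480)]              # ends at byte 66992

if __name__ == "__main__":
    for name, sample in [("normal", NORMAL), ("overlapping", OVERLAPPING),
                         ("oversize", OVERSIZE)]:
        print(name, check_fragments(sample) or "ok")
```

A reassembly routine that drops the whole datagram on any finding never reaches the copy step where the overlap or the oversize length would cause harm.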

Solution:

5. Botnets

For botnet attacks, a large number of normal users' computers are first infected with malware and brought under hacker control in order to carry out distributed DoS (DDoS) attacks. These “bots” or “zombies” are used to carry out attacks against the target systems, often overwhelming the target system’s bandwidth and processing capabilities.

Solution:

Tags:

cyber security
ddos
distributed denial of service
tcp syn flood
teardrop
smurf
ping of death
botnets

Sources:

https://blog.netwrix.com/2018/05/15/top-10-most-common-types-of-cyber-attacks/
https://www.itgovernanceusa.com/blog/six-most-common-cyber-attacks
