There are two general methods of DoS attacks: flooding services or crashing services. Flood attacks occur when the system receives too much traffic for the server to buffer, causing it to slow down and eventually stop. Popular flood attacks include:
- Buffer overflow attacks – the most common DoS attack. The concept is to send more traffic to a network address than the programmers have built the system to handle. It includes the attacks listed below, in addition to others that are designed to exploit bugs specific to certain applications or networks.
- ICMP flood – leverages misconfigured network devices by sending spoofed packets that ping every computer on the targeted network, instead of just one specific machine. The network is then triggered to amplify the traffic. This attack is also known as the smurf attack or ping of death.
- SYN flood – sends a request to connect to a server, but never completes the handshake. The attack continues until all open ports are saturated with requests and none are available for legitimate users to connect to.
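To make the SYN flood description concrete from the defender's side, the following added example (not part of the original post) tracks which handshakes were started but never completed and flags when they would fill most of a listen queue. The record format, the function names, the backlog of 128 and the 5-second timeout are assumptions chosen for illustration, and the packet data is constructed.

```python
from collections import namedtuple

# One observed TCP segment at the server (hypothetical, simplified record format).
Pkt = namedtuple("Pkt", "t src sport flags")

def half_open_by_source(packets, now, timeout=5.0):
    """Count handshakes that got a SYN but no final ACK within `timeout` seconds."""
    pending = {}  # (src, sport) -> time the first SYN was seen
    for p in sorted(packets, key=lambda p: p.t):
        key = (p.src, p.sport)
        if p.flags == "SYN":
            pending.setdefault(key, p.t)
        elif p.flags in ("ACK", "RST"):
            pending.pop(key, None)  # handshake completed or aborted
    stale = {}
    for (src, _sport), t in pending.items():
        if now - t >= timeout:
            stale[src] = stale.get(src, 0) + 1
    return stale

def syn_flood_suspected(packets, now, backlog=128, fill_ratio=0.8, timeout=5.0):
    """Flag when stale half-open handshakes would fill most of the listen backlog.

    The total matters more than any single source, since flood sources can be spoofed.
    """
    stale = half_open_by_source(packets, now, timeout)
    total = sum(stale.values())
    return total >= backlog * fill_ratio, total, stale

def constructed_sample():
    """Constructed data: one client that completes, 120 SYNs that never do."""
    pkts = [Pkt(0.0, "192.0.2.10", 40000, "SYN"), Pkt(0.1, "192.0.2.10", 40000, "ACK")]
    pkts += [Pkt(1.0 + i * 0.01, f"198.51.100.{i % 4 + 1}", 50000 + i, "SYN")
             for i in range(120)]
    return pkts

if __name__ == "__main__":
    suspected, total, stale = syn_flood_suspected(constructed_sample(), now=10.0)
    print(f"suspected={suspected} half_open={total}")
    for src, n in sorted(stale.items()):
        print(f"  {src}: {n}")
```

On a live Linux host the equivalent signal is the number of sockets sitting in the SYN-RECV state.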
Distributed Denial of Service Attack (DDoS)
A Distributed Denial of Service (DDoS) attack is like the decorated officer in this gang. Several levels more sophisticated than a normal DoS attack, a DDoS attack generates the traffic on the target machine via more than one computer. The attacker controls several compromised computers and other devices at once and distributes the task of flooding the target server with traffic, heavily consuming its resources and bandwidth. The attacker can also use your computer to launch an attack on another computer if there are lingering security issues.
DoS attack prevention
DoS attacks cannot be predicted. You can't prevent being a victim of a DoS attack; there are not many effective ways to do that. However, you can reduce the prospect of being a part of such an attack, where your computer is used to attack another. Take note of the points below, which can help tip the odds in your favor.
- Deploy an antivirus program and firewall into your network if not already done. This helps in restricting the bandwidth usage to authenticated users only.
- Server configuration can help diminish the probability of being attacked. If you’re a network administrator at some firm, take a look at your network configurations and harden the firewall policies to block out unauthenticated users from addressing the server’s resources.
- Some third-party services offer guidance and protection against DoS attacks. These can be expensive but effective as well. If you have the capital to deploy such services in your network, better get going.