Dos and DDos attack Explained : Ethical Hacking

 



Hello and welcome to GitcodeX

In this article you will learn about Dos and DDos attack, What they are and what a hacker can do with this attack.
So, Let's start...


Dos attack : Denial-of-service attack 




Dos attack is a cyber attack where the perpetrator seeks to make a machine or network resources unavalible to its intended users by temporarily or identifinitely disrpting services of host connected to the internet. It is an attack used to deny legitimate users access to a resource such as accessing a website, network, emails, etc. or making it extremely slow. 


Denial of service is typically accomplished by flooding the targeted machine or resoources with superfluous requested in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.


This type of attack is usually implemented by hitting the target resources such as a web server with too many request at the same time. This results in the server falling to respond to all the requests. The effect of this can either be crashing the servers or slowing them down.


For example; If a hacker do Dos attack on a website, the website will get a huge amount of traffic and the website can not handle that traffic at a same time, so it becomes very slow or crashes down, due to this users of that site are not able to access that site.


Denial of service is basically a simple attack that is designed to bring the network to its knees by flooding it with useless traffic. In its simplest form, it uses up all of the system resources so that other can't connect. More sophisticated attacks will cause the system to crash or create a infinite loop that uses all of the system's CPU cycles. 



DDos attack : Distributed-denial-of-service-attack





Distributed enial of service attack is same like Dos attack, In DDOs attack the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible makes it impossible to stop the attack simply by blocking a single source. 


A distributed denial of service attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such attack is often the result of multiple compromised systems (for example a botnet) Flooding the targeted system with traffic. 


For example : The hacker is going to target a big server, so obviously the bendwidth will be more of that server, there will be many servers from that main server, In this situation hacker can not use Dos attack. The hacker will take help of botnet and do the attack. Botnet are those compromised systems which have been hacked in past by the hacker. hackers use these devices in such attacks.




Criminal perpetrators of DDos attacks often target sites or services osyed on high-profiled web servers such as banks or creditcard payments gateways. Revenge, blackmail and activism can motivate these attacks.


Cutting off some business from the internet can lead to significant loss of business or money. The internet and computers network power a lot of businesses. Some organizations such as payment gateways , e-commerce sites entriely depend on the internet to do business.


Types of DDos attacks :

Volumetric attack : 
The attacker simply sends a large volume of packets to the target thereby using up all the resources. The resources used might simply be bandwidth. 


Fragmentation attack :
IP fragmentation is the process of breaking up a single internet protocol (IP) datagram into multiple packets of smaller size. Every network link has a characteristic size of messages that may be transmitted, called the maximum transmission unit (MTU).


Part of the TCP/IP suite is the internet protocol which resides at the internet layer of this model. IP is responcicle for the transmission of packets between networl end points. IP includes some features which provide basic measures of fault-tolerance (time to live, checksum), traffic prioritization and support for the fragmentation of larger packets into multiple smaller packets (IP field, fragment offset). The support for the fragmentation of larger packets provides a protocol allowing routers to fragment a packets into smaller packets when the original packet is too large for the supporting datalink frames. IP fragmentation exploits (attacks) use the fragmentation protocol within IP as an attack vector.


These attacks often use the server's resources rather than bandwidth going to and from of the server. They can also use the resources of the network equipment on the periphery of the server.


Application Layer attack : 
An application layer DDos attack (sometimes reffered to as layer 7 DDos attack) is a form of DDos attack where attackers target the application layer of the OSI model. The attacker over-exercises specific functions or features of a website with the intention to disalbe those functions or features. This application-layer attack is different from an entire network attack, and is often used against financial institutuins to distract IT and security personnel from security breaches.


some of vendors provide so called "booter" or "stresser" services, which have simple web-based front ends, and accept payment over the web. Marketed and promoted as stress-testing tools, they can be used to perform unauthorised denial of service attacks, and allow technically unsophisticated attackers access to sophisticated attack tools witout the need for the attacker to understand their use.


Dos attack tools :

Nemesy, RUDY, GoldenEye, UDP flood, PyLoris, Tor's Hammer, HULK, Blast, xerxes, The Low Orbit ion cannon (LOIC), HOIC, XOIC, Metasploit and many more.



Dos attack techniques :

Distributed Dos attack, Degradation of service attack, application layer floods, DDos extortion, HTTP post Dos attack, inetrnet control messages protocol (ICMP) flood, R-U-Dead-yet ?(RUDY), Nuke, Peer-to-peer attacks, Permenent denial of service attacks, Reflected / spoofed attack, Telephony denial of service (TDos) and many more,
If you want to know more about above attacks, Let me know in the comment ; )


Disclaimer :

Many jusdictions have laws under which denial-of-service attacks are illegal.
In india, Dos attacks are illegal according to section 66-f of indian information technology act of 2000 if any person denies access to an authorised personal to a computer resources, accesses a protected system or introduces contminant into a system, with the intention of threatening the unity, integrity, sovereignty or security of india, then he commits cyber terrorism.



Thank you for reading ; )

Post a Comment

Previous Post Next Post