Denial of service attacks is one of the methods employed by hackers to attack a host machine. In denial-of-service attacks, the host is prevented from responding to a request by its trusted pair in a communication by an attacking machine which keeps it busy by giving it a lot of requests to process.
A denial-of-service attack is a result of vulnerabilities present in network communication. These vulnerabilities could be from the network architecture, server system architecture or software architecture. Bugs and defects in operating systems and software also open a machine to denial-of-service attacks. Bandwidth limits also present attackers with an opportunity to attack machines.
Denial-of-service attacks can be categorized depending on the methods used. There is a voluntary denial-of-service attack when the system administrator acknowledges and allows the attacks. Flood denial-of-service attack occurs when the attacker sends the machine more packets than it can process, thus keeping it busy and prevent it from receiving any packets from its trusted pair. Flood attacks consume a lot of computing resources like bandwidth and resources of other computers on the network by sending large and numerous packages.
Software attacks occur when vulnerabilities in software are exploited to attack a machine. Hackers create a number of malformed packets that are used for these attacks. Ping of Death is a typical software attack. The hacker uses the ping facility provided in most operating systems to gain access to a computer system. They can send oversized ping packets. Target system can be crashed by this form of attack or can be restarted. DNS Service attacks also form part of the software attacks. This may involve DNS spoofing, in which customers are directed to another IP address, other than the correct one or DNS overflow, in which the length of the addresses in the Domain Name System are not correctly verified.
Isolated attacks are an attack from a single source. A distributed attack results from more than one attack sources. This depends on the ability of the hacker to expose information on a number of systems at the same time. It is more difficult to carry out as thousands of hosts are required to make it successful.
TCP SYN attacks exploit the three-way handshake of TCP to attack a host machine. The hacker establishes a number of half-way connections, which are stored in a data structure. It then sends excess SYN requests to the server.
Denial-of-service attacks can be prevented by implementing a Network Address Translation, which refuses network traffic coming through particular ports or specific network addresses. Router filters could also be used to counter denial-of-service attacks. Security patches must be constantly updated to counter new methods of denial-of-service attacks. You may also use intrusion detection systems or disable any service on your computer that is not being used. There are also software packages that can be used for detecting and countering denial-of-service attacks. Tripwire detects changes in configuration information or other files on the computer.
Every computer is vulnerable to denial-of-service attacks. Take steps to protect your system from these attacks as they can corrupt your important data or the whole system.
About Author / Additional Info: