Published on June 21st, 2011 | by Pradeep Farkya4
An Insight To DoS Attack
Finally i managed to get some time from my hectic schedule and write something on my blog.Today i am going to give an insight on Dos attack.You may have heard about this term if you have been in touch with the whistle-blower site wikileaks.
A Denial Of Service ( DoS ) attack is an attempt to make computer resources unavailable to its intented users.The purpose or intention of Dos attack may vary,but the main thing in common is to make an internet site or service non-functional.Dos attacks typically target site or services hosted on high profile web servers like banks,credit card payment gateways.It can be carried out by a person or group of persons.
A recent example can be of wikileaks,the whistle-blower site which was under such attacks recently by government agencies or other group of people,until they moved their servers.Even their domain name was removed.
One of the most common method of Dos attacks is by sending multiple requests to a site in a loop and thus preventing the legitimate traffic from reaching the websites.The reason the incoming traffic is blocked is because the server bandwidth allocated gets used-up.
Some of other methods include ping of death attack,if the pings sent to the server are more than 65,535 bytes then this cause the server to get congested.This flaw existed in the berkley network code and also on servers which copied the code.It is as simple as :
ping -l 86600 victim.org.
Another is the he Teardrop Attack.It uses IP’s packet fragmentation algorithm to send corrupted packets to the victim machine. This confuses the victim machine and may hang it.
There are many several other ways a Dos attack can be carried out and also if you search on web you may even find people doing this for you.
Distributed Denial of Service (DDoS) attacks : A distributed denial of service (DDoS) attack is a denial of service attack which is mounted from a large number of locations across the network.
The systems may have been compromised by a trojan horse or a worm.These compromised systems are usually controlled by client server software like trinoo,shaft,Mstream etc