Ethical Hacking - Denial of Service

DoS ( Denial of Service ) is a type of attack meant to overload a system so that it is unable to service normal users. DoS may be used against a website or computer network to make it temporarily unresponsive.

Types of DoS attacks -

(1) Volume-based Attacks : Volume-based attacks include HTTP floods, UDP floods etc.

HTTP Flood − The HTTP Flood is used to send large number of HTTP GET and POST requests to a targeted web server. Which cannot be handled by the web server.

UDP Flood − The UDP flood is used to flood random ports on a remote host with numerous UDP packets, more specifically port number 53.

(2) Protocol Attacks : Protocol attacks include Ping of Death, SYN floods, Buffer overflow etc.

Ping of Death − The ping command is usually used to check the availability of a network resource. It works by sending small data packets to the network resource. The ping of death takes advantage of this and sends data packets above the maximum limit (65,536 bytes for IPv4 ) that TCP/IP allows.

SYN attack − In this the attacker sends a large number of SYN packets to a target server of the victim with fake source IP address.

Buffer overflow − A buffer is a temporal storage location in RAM ( Random Access Memory ) that is used to hold data so that the CPU ( Central Processing Unit ) can manipulate it before writing it back to the disc. Buffers have a size limit. This type of attack loads the buffer with more data that it can hold. This causes the buffer to overflow and corrupt the data it holds.

(3) Application Layer Attacks : Application Layer Attacks include Slowloris, Zero-day DDoS attacks etc.

       Similarly DDoS ( Distributed Denial of Service ) means a DoS attack using a number of separate machines, typically a Botnet. DDoS attacks are one of the most destructive hacking techniques, costing billions in damages to companies each year. Some of the biggest DDoS attacks can reach speeds of up to hundreds of Gigabits per second.