6.3.6 DoS Attack Facts
What are two countermeasures that can be implemented for DoS and DDoS attacks?
Intrusion Detection Systems (IDS) or Intrusion Protection Systems (IPS), and strong anti-virus and anti-spyware software on all systems with Internet connectivity.
In a ping flood? (Two things)
The attack succeeds only if the attacker has more bandwidth than the victim, and the attacker hopes that the victim will respond with ICMP Echo Reply packets, thus consuming outgoing bandwidth as well as incoming bandwidth.
In the Ping of death? (Two things)
The attacker sends one very large ICMP packet (larger than 65,536 bytes) directly to the victim, and the size of the packet causes the system to freeze, crash, or reboot.
What are the two DoS attacks that exploit the UDP protocol?
Fraggle and Teardrop.
What happens in the Teardrop attack?
Fragmented UDP packets with overlapping offsets are sent, and when the victim system rebuilds the packets, an invalid UDP packet is created, causing the system to crash or reboot.
What do DoS and DDoS do?
Impact system availability by flooding the target system with traffic or requests or by exploiting a system or software flaw.
What is the Ping of death? (Also called a long ICMP attack)
A DoS attack that uses the ping program to send oversized ICMP packets.
What is a Smurf attack?
A form of DRDoS attack that spoofs the source address in ICMP packets. (A Smurf attack requires an attacker system, an amplification network, and a victim computer or network.)
What is a ping flood?
A simple DoS attack where the attacker overwhelms the victim with ICMP Echo Request (ping) packets.
What is a DoS attack?
A single attacker directs an attack against a single target, sending packets directly to the target.
What does DoS stand for?
Denial of Service
What does DDoS stand for?
Distributed Denial of Service
What does DRDoS stand for?
Distributed Reflective Denial of Service
In addition to specific automated attacks, spamming (i.e., sending unwanted e-mail messages) can become a form of DoS attack for what three reasons?
It consumes bandwidth that is used by legitimate traffic, it can fill a mailbox or hard disk and result in legitimate e-mail being rejected, and spam is often distributed by hijacking misconfigured SMTP servers.
What is the Teardrop attack?
Manipulates the UDP fragment number and location.
What is a DDoS attack?
Multiple PCs attack a victim simultaneously. A series of computers scan target computers to find weaknesses and then compromise the most vulnerable systems.
What are the three DoS attacks that use the ICMP protocol?
Ping flood, Ping of death, and Smurf
What are the three DoS attacks that exploit the TCP protocol?
SYN flood, LAND, and Christmas (Xmas) Tree.
What is a Fraggle attack?
Sends a large amount of UDP packets directed to broadcast addresses aimed at port 7 (echo) and port 19 (chargen, character generation) with spoofed source addresses. It is a variation of the Smurf attack (using UDP instead of ICMP).
What is the goal of a DoS attack?
To make a service or device unavailable to respond to legitimate requests.
What does a DRDoS do?
Uses an amplification network to increase the severity of the attack. Packets are sent to the amplification network addressed as coming from the target. The amplification network responds back to the target system.