1. The document discusses different types of cyber attacks including denial of service (DOS) attacks, hacking, malware, spoofing, phishing, sniffing, and distributed denial of service (DDOS) attacks.
2. It provides details on several common DOS attacks such as flooding/bandwidth attacks, buffer overflow attacks, ping of death attacks, email flooding attacks, SYN flooding attacks, teardrop attacks, and smurfing/smurf attacks.
3. A DDOS attack is considered one of the most harmful types of attacks as it utilizes multiple compromised systems to launch a large scale flood of internet traffic at the target, overwhelming it and preventing regular traffic from getting through.
1. TYPES OF ATTACK …(PART 1)
Prof. Neeraj Bhargava
Mrs. Shubha Chaturvedi
Department of Computer Science, School of Engineering & System Sciences
MDS University Ajmer, Rajasthan
3. It is an internet-borne activity that may harm or have
the potential to harm a computer or computer network
or telecom network of critical infrastructure and
compromise the confidentiality, integrity or availability of
network data or systems resources that disable
business, financial and personal activities.
Threats can be unintentional and intentional, targeted
or non-targeted.
5. An attack on a computer network in which a
user or organization is deprived of services
provided on the server.
This attack disrupts normal traffic by means
of flooding the server with false messages or
requests and the goal is to literally shut the
server down.
7. Flooding is a Denial of Service (DoS) attack that is
designed to bring a network or service down by flooding
it with large amounts of traffic.
Flood attacks occur when a network or service becomes
so weighed down with packets initiating incomplete
connection requests that it can no longer process genuine
connection requests. By flooding a server or host with
connections that cannot be completed, the flood attack
eventually fills the host's memory buffer. Once this buffer
is full no further connections can be made, and the result
is a Denial of service.
8. A buffer is a temporary storage location in RAM
that is used to hold data so that the CPU can
manipulate it before writing it back to the disc.
Buffers have a size limit. This type of attack
loads the buffer with more data than it can
hold. This causes the buffer to overflow and
corrupt the data it holds. An example of a
buffer overflow is sending emails with file
names that have 256 characters.
9. Ping of Death Attack
The ping command is usually used to test the
availability of a network resource. It works
by sending small data packets to the
network resource. The ping of death takes
advantage of this and sends data packets
above the maximum limit (65,536 bytes) that
TCP/IP allows. TCP/IP fragmentation breaks
the packets into small chunks that are sent to
the server. Since the sent data packages are
larger than what the server can handle, the
server can freeze, reboot, or crash.
10. In an email DoS attack, an attacker uses a
flood of spam email messages to launch a
similar attack on our email account to
disrupt it.
The email account supplied to us has a fixed
storage area allotted, which limits the amount of data
we can have in our account at any given time.
The attacker sends many large email messages to
the account and can consume our
storage quota, preventing us from receiving
legitimate messages.
11. SYN is a short form for Synchronize. This
type of attack takes advantage of the three-
way handshake to establish communication
using TCP. SYN attack works by flooding the
victim with incomplete SYN messages. This
causes the victim machine to allocate
memory resources that are never used and
deny access to legitimate users.
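The half-open state described in the flooding and SYN slides can be tracked from a server-side event log. This is an added example, not part of the original slides; the event tuples, addresses, thresholds and function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample: (seconds, source IP, source port, TCP flag seen by the server).
# 192.0.2.10 completes its handshake; 198.51.100.7 sends SYNs and never ACKs.
EVENTS = (
    [(0.0, "192.0.2.10", 40001, "SYN"), (0.1, "192.0.2.10", 40001, "ACK")]
    + [(1.0 + i * 0.1, "198.51.100.7", 50000 + i, "SYN") for i in range(5)]
    + [(2.0, "192.0.2.11", 40002, "SYN")]
)

def half_open(events, now, timeout=30.0):
    """Return {(src, sport): syn_time} for handshakes still waiting for the final ACK."""
    pending = {}
    for ts, src, sport, flag in events:      # events are in time order
        if ts > now:
            break
        key = (src, sport)
        if flag == "SYN":
            pending.setdefault(key, ts)      # server allocates state and sends SYN-ACK
        elif flag in ("ACK", "RST"):
            pending.pop(key, None)           # handshake finished or aborted
    # Entries older than the timeout are reclaimed by the server.
    return {k: t for k, t in pending.items() if now - t < timeout}

def suspects(events, now, per_source_limit=3, timeout=30.0):
    """Sources holding at least per_source_limit half-open connections."""
    counts = Counter(src for src, _port in half_open(events, now, timeout))
    return sorted(src for src, n in counts.items() if n >= per_source_limit)

def backlog_full(events, now, backlog=6, timeout=30.0):
    """True when half-open entries fill the backlog, so new SYNs would be refused.
    Spoofed floods spread over many sources, so total occupancy is checked too."""
    return len(half_open(events, now, timeout)) >= backlog

if __name__ == "__main__":
    print("half-open at t=5:", len(half_open(EVENTS, 5.0)))
    print("suspect sources:", suspects(EVENTS, 5.0))
    print("backlog full:", backlog_full(EVENTS, 5.0))
```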
12. Teardrop Attack
This type of attack uses larger data packets.
TCP/IP breaks them into fragments that are
assembled on the receiving host. The
attacker manipulates the packets as they are
sent so that they overlap each other. This can
cause the intended victim to crash as it tries
to re-assemble the packets.
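A receiver can reject both the oversized reassembly from the ping of death slide and the overlapping fragments from the teardrop slide by validating fragment metadata before reassembling. This is an added example, not part of the original slides; it assumes IPv4, where the 16-bit Total Length field caps a datagram at 65,535 bytes, and the function name and sample fragment sets are constructed.

```python
MAX_IP_DATAGRAM = 65535  # ceiling of the 16-bit IPv4 Total Length field

def check_fragments(frags, header_len=20):
    """Validate fragment metadata for one datagram before reassembly.

    frags: iterable of (offset_bytes, payload_len, more_fragments).
    Returns a sorted list of findings; an empty list means safe to reassemble.
    """
    findings = set()
    ordered = sorted(frags)
    expected = 0  # next byte offset a well-formed fragment should start at
    for i, (off, length, mf) in enumerate(ordered):
        last = i == len(ordered) - 1
        if off % 8:
            findings.add("unaligned")    # offsets are carried in 8-byte units
        if off < expected:
            findings.add("overlap")      # teardrop-style overlapping fragments
        elif off > expected:
            findings.add("gap")          # data missing, cannot reassemble yet
        if header_len + off + length > MAX_IP_DATAGRAM:
            findings.add("oversize")     # reassembled size exceeds the IPv4 limit
        if mf == last:
            findings.add("bad-mf-flag")  # only the final fragment clears MF
        expected = max(expected, off + length)
    return sorted(findings)

# Constructed samples (offset, payload length, more-fragments flag).
NORMAL = [(0, 1480, True), (1480, 1480, True), (2960, 520, False)]
OVERLAP = [(0, 1480, True), (1000, 800, False)]
# 45 contiguous fragments, each an ordinary size, that add up to more than 65,535 bytes.
OVERSIZE = [(i * 1480, 1480, True) for i in range(44)] + [(44 * 1480, 1480, False)]

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("overlap", OVERLAP), ("oversize", OVERSIZE)):
        print(name, check_fragments(sample) or "ok")
```

A datagram with any finding should be dropped whole rather than partially reassembled.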
13. Smurf Attack
This type of attack uses large amounts of
Internet Control Message Protocol (ICMP)
ping traffic targeted at an Internet Broadcast
Address. The reply IP address is spoofed to
that of the intended victim. All the replies are
sent to the victim instead of the IP used for
the pings. Since a single Internet Broadcast
Address can support a maximum of 255 hosts,
a smurf attack amplifies a single ping 255
times. The effect of this is slowing down the
network to a point where it is impossible to
use it.
14. A distributed denial-of-service (DDoS) attack is a
malicious attempt to disrupt the normal traffic of a
targeted server, service or network by overwhelming
the target or its surrounding infrastructure with a flood
of Internet traffic.
DDoS attacks achieve effectiveness by utilizing
multiple compromised computer systems as sources of
attack traffic. Exploited machines can include computers
and other networked resources.
From a high level, a DDoS attack is like an
unexpected traffic jam clogging up the highway,
preventing regular traffic from arriving at its
destination.
15. Q1. Which DoS type is more harmful and
why?
Q2. Differentiate between DoS and DDoS
types of attack.