
Understanding DOS and DDOS Attack

DoS stands for Denial of Service, an attack that aims to shut down a network or a machine. A Distributed Denial of Service (DDoS) attack uses bots to attack at the same time. Both attacks make the network temporarily inaccessible to its users.


Let us take a look at some of its types.

Ping of Death (DOS Attack)

It is a type of attack in which the attacker aims to disrupt a target machine by sending a packet that is larger than the maximum allowable size. It uses the Internet Control Message Protocol (ICMP). For instance, the attacker sends an IP packet larger than 65000 bytes, which causes the machine to freeze or crash.

Example

This type of attack was found in Microsoft Windows in mid 2013. The Windows TCP/IP stack didn’t handle memory allocation correctly when processing incoming ICMPv6 packets. This led to a remote denial of service.

Prevention of Ping of Death

One way to stop this attack is to add checks that make sure a packet does not exceed the maximum packet size.

Another way is to create a memory buffer with enough space to handle large packets.

Smurf Attack

This is a type of DDOS attack in which a large number of ICMP packets with a spoofed IP address are broadcast to a computer network. It uses amplification and reflection techniques.

Working

First, the Smurf malware builds a spoofed packet whose source address is set to the real IP address of the targeted victim. Every device that receives the broadcast replies to that address, so the number of packets increases with the number of network devices.

Prevention of Smurf Attack

A good solution is to disable IP broadcast addressing at each network router and firewall. Older routers are more likely to enable broadcasting by default, while newer routers will likely already have it disabled.

Example of DDOS Attack

In February 2018, 1.35 terabits per second of traffic hit the developer platform GitHub all at once. To date, it is the most powerful attack that has taken place on the GitHub platform.

GitHub briefly struggled with intermittent outages as a digital system assessed the situation. Within it had automatically called for help from its DDoS mitigation service. The service routed all the traffic coming into and out of GitHub and sent the data through its scrubbing centers to block malicious IP packets. After eight minutes, the attackers relented and the assault dropped off.

Buffer Overflow

A buffer overflow overwrites parts of a process's memory that should not be modified, whether intentionally or unintentionally. Overwriting the values of the Base Pointer, Instruction Pointer and other registers causes errors, exceptions, and segmentation faults. It occurs when we operate on buffers of char type.

Prevention

We can protect against buffer overflow by using languages that offer built-in protection or via security measures.

In addition, there are runtime protections. Let’s take a look at them.

ASLR: Address space layout randomization randomly moves around the address space locations of data regions. A buffer overflow attack needs to know the location of code, and randomizing address spaces makes this virtually impossible.

Data execution prevention flags certain areas of memory as executable or non-executable, which can stop a buffer overflow attack from running code in a non-executable region.

Teardrop Attack (DOS Attack)

This is a type of DOS attack that involves sending fragmented packets to a target machine. The target machine cannot reassemble these packets because of a bug in TCP/IP fragmentation reassembly, and this crashes the target network.

Prevention

  • Using caching servers
  • Using secure proxy

Caching servers are a very useful and efficient tool for preventing a teardrop attack. These servers can provide static content so that the website can keep running.

Using a secure proxy allows packets to be inspected for violations of the data fragmentation rules. In most cases, it prevents bug-laden data from reaching your device.
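The size check from the Ping of Death section and the fragmentation-rule inspection described above can be combined in one validator that runs before reassembly. This is an added example, not code from the original article; the struct, function and sample fragment lists are hypothetical. It assumes IPv4 (whose 16-bit total length field caps a datagram at 65,535 bytes) and fragments already sorted by offset.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IP_MAX_DATAGRAM 65535u /* IPv4 total length is a 16-bit field */

/* Hypothetical, simplified view of one received IPv4 fragment. */
struct frag {
    uint16_t offset_units; /* fragment offset field, in 8-byte units */
    uint16_t payload_len;  /* payload bytes carried by this fragment */
};

enum frag_verdict { FRAG_OK, FRAG_OVERSIZE, FRAG_OVERLAP };

/* Validate fragments before reassembly. Assumes the list is sorted by
 * offset and hdr_len is the IPv4 header length in bytes. */
enum frag_verdict check_fragments(const struct frag *f, size_t n,
                                  uint32_t hdr_len)
{
    uint32_t prev_end = 0; /* end of the payload accepted so far */

    for (size_t i = 0; i < n; i++) {
        /* 32-bit math so the sum cannot wrap like a 16-bit length */
        uint32_t start = (uint32_t)f[i].offset_units * 8u;
        uint32_t end = start + f[i].payload_len;

        if (hdr_len + end > IP_MAX_DATAGRAM)
            return FRAG_OVERSIZE; /* Ping of Death: exceeds maximum */
        if (start < prev_end)
            return FRAG_OVERLAP;  /* Teardrop: overlaps earlier data */
        prev_end = end;
    }
    return FRAG_OK;
}

/* Constructed sample fragment lists (not captured traffic). */
static const struct frag normal[]   = { {0, 1480}, {185, 1480}, {370, 40} };
static const struct frag oversize[] = { {0, 1480}, {8189, 1480} };
static const struct frag overlap[]  = { {0, 1480}, {100, 200} };

int main(void)
{
    printf("normal=%d oversize=%d overlap=%d\n",
           (int)check_fragments(normal, 3, 20),
           (int)check_fragments(oversize, 2, 20),
           (int)check_fragments(overlap, 2, 20));
    return 0;
}
```

A fragment list that fails either check should be dropped as a whole rather than handed to the reassembly code.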

Summary

In conclusion, we have learnt in brief about denial of service and distributed denial of service attacks. We have seen how they work and the different types of attack that are possible. We have also seen some prevention techniques.

About the author

Drishti Patel
