Denial of Service

A DoS attack is an attempt by a hacker to flood a user's or an organization's system. As a CEH, you need to be familiar with the types of DoS attacks and should understand how DoS and DDoS attacks work. You should also be familiar with robots (BOTs) and robot networks (BOTNETs), as well as smurf attacks and SYN flooding. Finally, as a CEH, you need to be familiar with various DoS and DDoS countermeasures.
There are two main categories of DoS attacks:
  • Attacks sent by a single system to a single target (simple DoS)
  • Attacks sent by many systems to a single target (distributed denial of service, or DDoS)
The goal of DoS isn't to gain unauthorized access to machines or data, but to prevent legitimate users of a service from using it. A DoS attack may do the following:
  • Flood a network with traffic, thereby preventing legitimate network traffic.
  • Disrupt connections between two machines, thereby preventing access to a service.
  • Prevent a particular individual from accessing a service.
  • Disrupt service to a specific system or person.
Different tools use different types of traffic to flood a victim, but the result is the same: a service on the system or the entire system is unavailable to a user because it's kept busy trying to respond to an exorbitant number of requests.
A DoS attack is usually an attack of last resort. It's considered an unsophisticated attack because it doesn't gain the hacker access to any information but rather annoys the target and interrupts their service. DoS attacks can be destructive and have a substantial impact when sent from multiple systems at the same time (DDoS attacks).
Because DoS attacks are so powerful and can cripple a production system or network, this chapter does not include any DoS tool exercises. If you want to test the tools listed here, ensure that you are not using them on a production network or system. The DoS tools could render the target systems unusable.
DDoS attacks can be perpetrated by BOTs and BOTNETs, which are compromised systems that an attacker uses to launch the attack against the end victim. The system or network that has been compromised is a secondary victim, whereas the DoS and DDoS attacks flood the primary victim or target.
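From the defender's side, the two categories above look different in request logs: a simple DoS shows one source dominating a flooded time window, while a DDoS spreads the same load across many sources. The following is an added example, not part of the original post; the log format, thresholds, and function names are assumptions, and the sample events are constructed using documentation-range IP addresses.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed sample events: (epoch_second, source_ip) per request."""
    events = []
    # Seconds 0-9: baseline, five clients sharing ten requests.
    for t in range(0, 10):
        events.append((t, f"192.0.2.{t % 5 + 1}"))
    # Seconds 10-19: one source sends 300 requests.
    for i in range(300):
        events.append((10 + i % 10, "198.51.100.7"))
    # Seconds 20-29: 150 sources send two requests each.
    for i in range(150):
        for k in range(2):
            events.append((20 + (i + k) % 10, f"203.0.113.{i + 1}"))
    return events

def classify_windows(events, window=10, rate_threshold=100, dominance=0.8):
    """Bucket requests into fixed windows and label each window.

    rate_threshold and dominance are assumed values; tune them against
    a measured baseline for the service being monitored.
    """
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts // window * window][src] += 1
    report = {}
    for start in sorted(buckets):
        per_src = buckets[start]
        total = sum(per_src.values())
        top_src, top_count = per_src.most_common(1)[0]
        if total < rate_threshold:
            label = "normal"
        elif top_count / total >= dominance:
            label = "simple DoS"   # one system accounts for the flood
        else:
            label = "DDoS"         # the load is spread over many systems
        report[start] = {"label": label, "total": total,
                         "sources": len(per_src), "top_source": top_src}
    return report

if __name__ == "__main__":
    for start, info in classify_windows(build_sample()).items():
        print(start, info)
```

The label matters for the response: a single dominant source can be blocked at the edge, whereas a distributed flood has no single address to filter.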
