Thursday, 31 January 2013

Denial of Service (DoS) Attacks


Denial of Service (DoS) Attacks

Denial of Service or DoS attacks result in a specific service being made
unavailable to legitimate users. These attacks typically have one of
three targets:
• The network connection providing access to the service.
• The operating system hosting the service.
• The application level program providing the service.
The Network Connection Providing Access to the Service
By flooding the network with traffic, less bandwidth is available for use
by the service. If enough bandwidth is consumed in this flood, access to
the service could effectively deny service to legitimate users.
Example
A typical example of this is the Smurf attack, where data is sent to the
broadcast address of a network, and the source address of the traffic is
specified as that of the target machine. This results in all the systems on
the network responding to the supposed source at the same time,
thereby generating huge amounts of traffic.
The Operating System Hosting the Service
Operating systems have been found to be vulnerable to denial of
service attacks. In the case of network based attacks this is caused by
the operating system's specific implementation of the networking stack.
A bug in this stack can cause the entire operating system to hang or
reboot when anomalous network traffic is encountered.

Example
A well known example is the Windows NT Out of Bound attack (OOB),
which caused affected systems to produce the “blue screen of death”
when sent specific IP packets.
We can expect to see more vulnerable IP stacks appearing as the market
focus shifts to embedded Internet enabled devices, where each vendor
is using their own implementation of the IP stack.

No comments:

Post a Comment