Vistas for Network Security

Tools for DoS Attacks

Some of the tools for DoS attacks are listed below.
  • Ping flooding is a widespread technique of flooding the system with pings so that normal traffic does not reach the system.
  • Smurf uses spoofed broadcast ping messages in its denial of service attack.
    A large amount of ICMP echo (ping) traffic is sent to the target IP address. On a multi-access broadcast network many machines may reply to each packet, causing flooding. Using a secure router and proper configuration mitigates this problem.
  • A UDP flood attack is carried out by sending a large number of UDP packets to random ports. If no application is listening on a port, the machine replies with an ICMP destination unreachable packet. With a large number of packets carrying spoofed addresses, the victim's computational resources are consumed, slowing traffic on the network and reducing bandwidth.
  • A LAND attack sends a spoofed TCP SYN packet to the target's IP address. The packet's source and destination addresses are both set to the target's IP address. This causes the machine to reply to itself continuously.
    It is a security flaw discovered in Windows Server 2003 and Windows XP. Other services that have been LAND attacked are SNMP, Windows 88/TCP Kerberos, and the chargen port on a UNIX system. This is also called a banana attack, where outgoing messages are redirected to the client itself.
  • Teardrop is a remote denial of service carried out by sending IP fragments with overlapping payloads. When the fragments are reassembled, the operating system crashes due to a bug.
  • SPAM is a denial of service too, and is limited to your mailbox.
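The LAND and Teardrop descriptions above translate directly into header checks a sensor or filter can apply. The following is an added example, not code from the original article: it parses raw IPv4 headers and flags packets whose source equals their destination, and fragments that overlap data already seen for the same datagram. The function names and the sample packets (documentation addresses from RFC 5737) are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

def parse_ipv4(pkt: bytes) -> dict:
    """Decode the IPv4 header fields the two checks need."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    total_len, ident, frag = struct.unpack("!HHH", pkt[2:8])
    if ihl < 20 or total_len < ihl:
        raise ValueError("inconsistent header lengths")
    start = (frag & 0x1FFF) * 8          # fragment offset is in 8-byte units
    return {"src": IPv4Address(pkt[12:16]), "dst": IPv4Address(pkt[16:20]),
            "proto": pkt[9], "id": ident, "more": bool(frag & 0x2000),
            "start": start, "end": start + total_len - ihl}

def inspect(packets):
    """Return (index, reason) alerts for LAND-style and overlapping-fragment packets."""
    alerts, seen = [], {}
    for i, raw in enumerate(packets):
        p = parse_ipv4(raw)
        if p["src"] == p["dst"]:
            alerts.append((i, "land: source equals destination"))
        if p["more"] or p["start"]:      # packet is part of a fragmented datagram
            key = (p["src"], p["dst"], p["proto"], p["id"])
            ranges = seen.setdefault(key, [])
            if any(p["start"] < e and s < p["end"] for s, e in ranges):
                alerts.append((i, "teardrop: fragment overlaps earlier data"))
            ranges.append((p["start"], p["end"]))
    return alerts

def sample_packet(src, dst, ident=0, offset=0, more=False, payload=0, proto=17):
    """Build a constructed 20-byte IPv4 header plus zeroed payload (checksum left 0)."""
    frag = (0x2000 if more else 0) | (offset // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload, ident, frag, 64, proto,
                       0, IPv4Address(src).packed, IPv4Address(dst).packed) + bytes(payload)

# Constructed sample traffic, not captured from a real network.
A, B = "192.0.2.10", "198.51.100.5"
SAMPLE = [
    sample_packet(A, B, payload=32),                      # ordinary datagram
    sample_packet(B, B, proto=6, payload=20),             # source == destination
    sample_packet(A, B, ident=7, more=True, payload=32),  # bytes 0-32
    sample_packet(A, B, ident=7, offset=32, payload=16),  # bytes 32-48, contiguous
    sample_packet(A, B, ident=9, more=True, payload=32),  # bytes 0-32
    sample_packet(A, B, ident=9, offset=24, payload=4),   # bytes 24-28, inside earlier data
]

if __name__ == "__main__":
    print(inspect(SAMPLE))
```

The same two conditions are what a filtering router or inspection firewall enforces when it drops packets with identical source and destination addresses or refuses to reassemble overlapping fragments.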
Distributed Denial of service attacks
In a distributed DoS attack the host computers that initiate the attack do not know that they are participating in an attack. These compromised computers, which are part of a botnet, are controlled by a bot master who ‘remote controls’ them. This zombie army is then directed to attack specific targets. With these slave machines all trying to access one IP address, the target machine is flooded with many spoofed IP packets. Even well-connected Web sites can be brought down by this means. Targets may be routers, email, DNS servers, Web sites, etc. One example of denial of service software is Stacheldraht, which uses UDP flood, ICMP flood, TCP SYN flood and Smurf attack for a DDoS.
Distributed reflected denial of service
In this attack the source address of the packet is spoofed to that of the target computer. Forged requests carrying the target's address are sent to a large number of computers. All the replies from these computers are sent to the source address, which is the target victim.
How to Prevent Denial of Service Attacks
Prevention is the best way to avoid these DoS attacks and even DDoS attacks like Agobot and DSNX (the Dataspy Network X DDoS bot, C++ source code). Some of the methods may help you and some may not, depending on the operating system and the configuration of your server.
  • Install service packs and patches as and when they become available.
  • Configure all your ports properly by disabling any port or network service you are not using. This limits the ability of the intruder.
  • Enable the quota system if your operating system supports it. It helps in keeping critical files and other resources out of other users’ access.
  • Observe system performance and stay aware of working speed and internet speed, so that you can determine if anything is slowing down your system.
  • In the case of large networks, examine the physical security of your devices in addition to network security.
  • Use tools that notify you about changes in configuration or changes in other files.
  • Maintain proper password policies.
  • Firewalls and access policies may help you to some extent but cannot prevent an all-out attack. Modern inspection firewalls and routers like Check Point FW1 NGX and Cisco PIX are made to differentiate good and bad traffic and can help in the prevention of a DoS attack.
  • The best method to prevent DoS and DDoS is tracking down and shutting down botnets.
Denial of service has grown with the rise in botnets. Denial of service is carried out by some crazy individual. Many botnet masters have been arrested and their botnets shut down. Criminals run botnets for monetary gain, and botnets are known for their use in denial of service attacks. Denial of service is used more in extortion attempts and may soon increase, with tools widely available on the net.
