10-04-2017, 08:57 PM
Ping of deathenial of Service Attacks-An Emerging Vulnerability for the "Connected" Network
abstract
denying access to essential
services by legitimate users is the main aim of the increasing new types of attacks in internet. This maybe through methods like crashing servers or routers, overwhelming the network with huge traffic to degrade the traffic. a readily available software program is all that one needs to launch a denial of service attack(DoS).
How IP Works
Computers share information over the Internet using a common language called IP. HTTP (Web), FTP
(File Transfer Protocol), POP3 (E-mail) etc arec part of this protocol package. They are identified by the port number. Normally , Web traffic uses TCP port 80.A client/server model is followed in computer networks when they communicate. When the server sends, the client listens. A web server server typically listens on port 80. Other ports are also open the same time. a hacker could attack it over an unprotected port if the server administrator is not careful.
Port Scans
hackers often employ a technique called "port scanning" for watching the unprotected ports on a server. more than 130,000 IP ports are present and each of these have clearly defined purposes. The general assignments are:
-port 21-FTP
-23 Telnet
-25 - SMTP
-80- HTTP
-110 - POP3
There may be other functioning ports like the port 8080 for a test Web site, Port 389 for LDAP directory access.
The fingerprint of port scaning is that a port scan will look like a series of "TCP Connection Dropped" or "UDP Connection Dropped" in the log of the seerver.
IP Spoofing
IP Spoofing is used by many hackers to hide their IP. They do it by modifying IP packet headers to look like they come from a different computer. This can also be used for malicious activities by by tricking a router or firewall into believing that the communication comes form a trusted computer within the network.
Denial of Service Attacks
The three types are:
-those that exploit bugs in a TCP/IP implementation
-brute-force attacks that flood a network with useless data
-those that exploit
weaknesses in the implementation of TCP/IP
For more details visit:
http://sonicwall-solutionspdfs/white_papers/denial_of_service_attacks.pdf