In last several years, Daniel of Service attack (DoS)/ Distributed Daniel of Service attack (DDoS) has become one of the most critical threats for internet security, though it’s easily accomplished by the intruders. Even, proven and practicable attacking software are also available on the Internet. To get rid of this attack, first of all we have to know its consequences.
Typically, an internet connection is established using a methodology named ‘THREE WAY HANDSHAKING’. Following this protocol, at first client pc sends request (SYN) for connection establishment and then receiving this request server pc response to it sending an acknowledgement of approval (SYN_ACK) message to the client pc. Lastly, client pc also sends an acknowledgement (SYN_ACK) message to the server telling it, “I got the message, Thank you” and then if everything is all right, connection establishes.
What happens in case of DoS attack is, a person, whether being inside or outside of a network, makes services unavailable by overflowing the network system that normally provides them. DoS intrusion causes server overrun and resource consumption. This may often prohibits the server from making response to actual clients. It may spoil whole network infrastructure. There are several kinds of DoS attacks. Followings are some examples:
Smurf attack is one of the most recent DoS strokes on hosts at the network level. In this case, a thug generates a huge amount of ICMP ping requests (datagram) with fake source addresses and sends them to the IP broadcast address of a network, that is, remote LANs broadcast addresses. Then the routers/switch (layer 3) broadcasts these requests to layer 2 broadcast addresses. Most of the hosts connected to the network will then send reply for each of the echo. Thus, the network is overwhelmed by fake echo multiplied by the number of connected hosts. Normally the attacker uses largest packets (up to Ethernet...