MARTIN PAOLO A. LAPORGA
This paper provides a general overview of denial-of-service attacks, in which the primary goal of the attack is to remove or limit the victim’s access to a particular service or resource. The paper also provides an overview of methods of attack and their impacts. It also includes information that may assist you in responding to such an attack.

DESCRIPTION
"Denial-of-service" attacks are commonly characterized by an explicit attempt by hackers to prevent legitimate users of a service or resource from using it. It is also an effort to make one or more computer systems unavailable. It is typically targeted at web servers, but it can also be used on mail servers, name servers, and any other type of computer system. Denial of service (DoS) attacks may be started from a single machine, but they typically use many computers to carry out an attack. Since most servers have firewalls and other security software installed, it is easy to lock out individual systems. Therefore, distributed denial of service (DDoS) attacks are often used to coordinate multiple systems in a simultaneous attack. A distributed denial of service attack tells all coordinated systems to send a continuous stream of requests to a specific server all at the same time. These requests may be a simple ping or a more complex series of packets. If the server cannot respond to the large number of simultaneous requests, incoming requests will eventually become queued. This backlog of requests may result in a slow response time or no response at all. When the server is unable to respond to legitimate requests, the denial of service attack has succeeded.
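The point above, that a single flooding system is easy to lock out while a coordinated set of systems is not, can be seen from the defender's side in the following added example (not part of the original paper). The thresholds, function names and traffic are constructed for illustration.

```python
from collections import Counter, defaultdict

# Both thresholds are assumed values chosen for this illustration.
PER_SOURCE_LIMIT = 20   # requests per source per second before lockout
SERVER_CAPACITY = 100   # requests per second the server can answer

def traffic(attackers, rate, seconds=3):
    """Constructed sample: 30 legitimate clients at 1 req/s plus
    `attackers` hosts each sending `rate` req/s (documentation IP ranges)."""
    legit = [(t, f"192.0.2.{i}") for t in range(seconds) for i in range(1, 31)]
    flood = [(t, f"198.51.100.{a}") for t in range(seconds)
             for a in range(1, attackers + 1) for _ in range(rate)]
    return legit + flood

def analyse(events):
    """events: iterable of (timestamp_seconds, source_ip).
    Returns (blocked_sources, overloaded_seconds)."""
    per_second = defaultdict(Counter)
    for ts, src in events:
        per_second[int(ts)][src] += 1
    blocked, overloaded = set(), []
    for sec in sorted(per_second):
        counts = per_second[sec]
        # Firewall-style rule: lock out any single source over its limit.
        # Simplification: the lockout takes effect within the same second.
        blocked |= {s for s, n in counts.items() if n > PER_SOURCE_LIMIT}
        # Load that still reaches the server once lockouts are applied.
        remaining = sum(n for s, n in counts.items() if s not in blocked)
        if remaining > SERVER_CAPACITY:
            overloaded.append(sec)
    return blocked, overloaded

if __name__ == "__main__":
    for label, events in [("single source, 500 req/s", traffic(1, 500)),
                          ("50 sources, 10 req/s each", traffic(50, 10))]:
        blocked, overloaded = analyse(events)
        print(f"{label}: blocked={sorted(blocked)} overloaded={overloaded}")
```

With the same aggregate rate, the per-source rule removes the single flooding host and the server stays within capacity, while the distributed case blocks nothing and is over capacity in every second, so monitoring has to watch total load as well as per-source counts.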
Examples of denial-of-service attacks include:

* attempts to "flood" a network, thereby preventing or slowing legitimate network traffic
* attempts to disrupt or prevent connections between two machines, thereby disrupting or preventing access to a service
* attempts to stop a particular user from accessing a service
* attempts to disrupt service to a specific system or person

Not all service outages, even those that result from hacker activity, are necessarily denial-of-service attacks. Other types of attack may include a denial of service as a component, but the denial of service may be part of a larger attack. Illegitimate use of resources may also result in denial of service. For example, a hacker may use your anonymous FTP area as a place to store illegal copies of commercial software, consuming disk space and generating network traffic.

IMPACTS
Denial of service attacks can be problematic, especially when they cause large websites to be unavailable during high-traffic times. Fortunately, security software has been developed to detect DoS attacks and limit their effectiveness. While many well-known websites, like Google, Twitter, and WordPress, have all been targets of denial of service attacks in the past, they have been able to update their security systems and prevent further service interruptions.
Denial-of-service attacks can essentially disable your computer or your network. Depending on the nature of your enterprise, this can effectively disable your organization. Some denial-of-service attacks can be executed with limited resources against a large, sophisticated site. This type of attack is sometimes called an "asymmetric attack." For example, an attacker with an old PC and a slow modem may be able to disable much faster and more sophisticated machines or networks.

METHODS OF ATTACK
Denial-of-service attacks can come in a variety of forms and aim at a variety of services and resources. There are three basic types of attack:

* consumption of scarce, limited, or non-renewable resources
* destruction or alteration of configuration information
* physical destruction or alteration of network components

A. Consumption of Scarce Resources
Computers and networks need certain things to operate: network...