DoS Attacks Overview

Sep 13, 2025

Overview

This lecture explains Denial of Service (DoS) attacks, including their types, mechanisms, tools used, prevention methods, and practical examples, with emphasis on network security concepts.

What is a Denial of Service (DoS) Attack?

  • A DoS attack aims to deny legitimate users access to a resource (website, network, server) by overwhelming it with requests.
  • DoS attacks cause targeted systems to crash or slow down, impacting businesses that rely on constant internet access.

Types of DoS Attacks

  • DoS: Attack initiated by a single host targeting a system.
  • Distributed DoS (DDoS): Attack coordinated by multiple compromised machines (botnet) flooding a target with traffic.

How DoS Attacks Work (Common Techniques)

  • Ping of Death: Sends oversized data packets, causing the server to crash or freeze.
  • Smurf Attack: Spoofs victim's IP in ICMP requests to a broadcast address, amplifying replies to overwhelm the victim.
  • Buffer Overflow: Overloads a memory buffer with excessive data, corrupting it and potentially crashing the system.
  • Teardrop Attack: Sends fragmented, overlapping packets that confuse and crash the victim’s system.
  • SYN Flood: Floods the target with incomplete SYN requests, exhausting server resources and blocking real users.

DoS Attack Tools

  • Nemesy: Generates random packets on Windows; may trigger antivirus alerts.
  • Land and LaTierra: Used for IP spoofing and opening TCP connections.
  • Blast: Tool for generating network traffic.
  • Panther: Floods networks with UDP packets.
  • Botnets: Networks of compromised computers used for large-scale attacks.

DoS Attack Prevention

  • Install security patches to fix operating system vulnerabilities.
  • Use intrusion detection systems (IDS) to detect and block illegal activities.
  • Deploy firewalls to block known attacker IPs.
  • Configure routers with Access Control Lists (ACL) to filter and drop suspicious traffic.
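
A check of the kind an IDS or filtering device can apply against the Ping of Death and Teardrop techniques listed above, as an added example that is not part of the original lecture notes. It goes beyond the notes by assuming the oversized or overlapping data arrives as IPv4 fragments; `check_fragments` is a hypothetical name and the (offset, length) tuples are constructed sample data.

```python
"""Fragment sanity checks applied before reassembly (defensive example)."""

MAX_IPV4_DATAGRAM = 65535  # largest size the 16-bit IPv4 Total Length field allows


def check_fragments(fragments, header_len=20):
    """Return findings for the fragments of one datagram.

    fragments: iterable of (offset_bytes, payload_len) tuples
    (hypothetical representation chosen for this example).
    """
    findings = []
    prev_end = 0
    for offset, length in sorted(fragments):
        end = offset + length
        # Ping of Death: reassembly would exceed the IPv4 maximum size.
        if header_len + end > MAX_IPV4_DATAGRAM and "oversized" not in findings:
            findings.append("oversized")
        # Teardrop: this fragment starts before the data already seen ends.
        if offset < prev_end and "overlap" not in findings:
            findings.append("overlap")
        prev_end = max(prev_end, end)
    return findings


# Constructed sample datagrams, not captured traffic.
SAMPLES = {
    "normal": [(0, 1480), (1480, 1480), (2960, 500)],
    "teardrop-like": [(0, 36), (24, 4)],
    "ping-of-death-like": [(0, 1480), (65528, 1000)],
    "out-of-order but valid": [(1480, 1480), (0, 1480)],
}

if __name__ == "__main__":
    for name, frags in SAMPLES.items():
        result = check_fragments(frags)
        verdict = "drop" if result else "accept"
        print(f"{name:24s} {verdict:6s} {result}")
```

A device that drops any datagram with a non-empty findings list never hands the malformed fragments to the reassembly code those attacks crash.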

Examples of Attacks (Hacking Activities)

  • Ping of Death can be simulated by sending an endless stream of large pings to a target from the Windows command prompt.
  • Nemesy can be used to flood a network device with packets, monitoring the impact via the target’s task manager.

Distributed Denial-of-Service (DDoS) Attack

  • DDoS attacks originate from multiple sources, making them harder to block than standard DoS attacks.
  • Botnets under attacker control are commonly used to launch DDoS attacks.

Summary of Key Points

  • DoS attacks disrupt access for legitimate users by overloading network resources.
  • Main types are DoS (single source) and DDoS (multiple sources).
  • Common methods include SYN Flood, Ping of Death, Smurf, Teardrop, and Buffer Overflow.
  • Prevention includes security patches, firewalls, intrusion detection, and network filtering.

Key Terms & Definitions

  • DoS (Denial of Service) — Attack that blocks user access to a network or resource by overwhelming it.
  • DDoS (Distributed Denial of Service) — DoS attack using many computers to increase impact.
  • Buffer Overflow — Error when more data is written to a buffer than it can handle.
  • ICMP (Internet Control Message Protocol) — Protocol used for network diagnostics like ping.
  • SYN Flood — Attack exploiting the TCP handshake by sending many incomplete connection requests.
  • Botnet — Network of infected computers controlled by an attacker.

Action Items / Next Steps

  • Review security patches and ensure systems are up to date.
  • Explore how intrusion detection systems and firewalls are configured for DoS prevention.
  • Study practical demonstrations of DoS techniques in a controlled, legal environment.