Understand the Dos Attack,
how it can cause damage to the network.
Internet the
network of a network was the wonderful result of many geniuses and intelligent
guys who has changed the world totally. Now a day everyone is free to access
the internet from any corner of the world and with any devices. It is not
secure to surf on internet as the internet is now is the hub of infections
like: - viruses, worms, attacks, malwares and most important the hackers. No
one is secure if you are surfing on internet you must have to keep in mind what
to do and what not to do then only you are secure otherwise not.
Everything is
now digitalized, no need to go anywhere sit at home and do what you want to do,
if you want to pay the bills (electricity, telephone, mobile) pay it online,
you want to do shopping go to online shopping site do it and get your product
delivered at your footstep, you need to buy a electronics purchase online, why
to go to bank to transfer money do it through internet banking. If you want to
know the background or information about any website simply go to their websites.
An attack by a hacker on any website with the aim to make a website temporary
unable for the services to the customer, clients, a user is called as “availability based attack”. The
availability based attack is also called as “DoS attack”.
DoS attack is the most
popular attack and hot topic to be considered for discussion. DoS attack has taken top most place on
every news headlines around the world making the stories how an individual or
the group of hacker be able to break the security of the website bring it to
shut down for several hours denying the it from the service thus causing the
financial lose.
What
is DoS attack?
How
badly it impact the business?
How
they are created?
How to
prevent from DoS attack?
DoS means “Denial Of the service”, stopping,
refusing someone from the service he/she wants or requesting for a service.
For the better
understanding let’s start with a scenario. You are standing in a Ticket counter
queue to take a bus ticket and only one counter is open. Now when you’re about
to approach to the counter suddenly a another person rushes to the counter and
had a small talk with the counter person being you as a legitimate user you are
left behind suppose after this malicious user’s another person approaches to
the counter for some enquiry again you are left behind keeping you waiting and
wasting your time. This is the basic of DoS Attack. In DoS attack attackers
bombard their target with a massive amount of requests – exhausting its network
thus preventing legitimate users from having access; the large web servers are
robust enough to withstand a basic DoS attack from a single machine without
suffering loss.
In a DoS attack
an attacker uses a single machine to exhaust resources of another machine, in
order to prevent it from functioning normally.
DDoS attack is the up
gradation of DoS attack, DDoS
(Distributed Denial of the service).
As in the earlier DoS attack the attacker were using single machine in
order to exhaust the resources of another system thus making the availability ,
financial , business loss, as the time passes so the state of wellness also
changes now the big companies or a network are deploying the server which are
robust enough to withstand the basic DoS attack. The way to comedown the any
network is DDoS attack.
DDoS attacks
employ multiple machines for increased effectiveness. A
collection of hundreds or thousands of compromised machines acting as an army
under the control of one attacker is called a “botnet”.
Launching a DDoS
attack is not a difficult task; a non-technical individual can also do that. If
you want to launch the DDoS attack various DDoS services are available for
anyone to use but they are pied. Anyone using such a service can launch a
powerful DDoS attack on a target of their choice from anywhere but you have to
pay for the services, depending on the attack size and duration.
Business Impact & financial Loss
The DDoS attack
has bad impact on business, Often, these effects are both qualitative and
quantitative, and can involve financial losses, reputational damage, and legal
repercussions. The organization experiences the financial loss only when its
Website experiences downtime significantly depending upon the sector to which
that particular organization belongs to. The most significant business impact
is that related to its customers. If the
customer tries to access an organization’s Website but is unable to do so
because of downtime and is not able to buy anything, access information, or can
use any services results to the financial loss or even increased business for
competitors may result.
It is important for an
organization to protect them self from DoS & DDoS attack, without the
proper protection mechanism the organization can easily be the victim of DoS &
DDoS attack and likely to experience the financial loss, reputation damage
which likely to impact its feature.
Michael C a high school student from West Island, Quebec, launched a series of denial of-service attacks in February 2000 against commercial websites like: - Yahoo, Dell, and Amazon.
Birth of DoS Attack
First DoS attack occurred in 1974
(42 year back), was carried out by a 13-year-old boy name David Dennis student at University High School, at the University
of Illinois Urbana-Champaign.
At that time David learned a new command
“external” or “ext.” that could be run on CERL’s PLATO terminals, meant to allow for interaction with
external devices connected to the terminals. When run on a terminal with no
external devices attached, however, it would cause the terminal to lock up and
require a shutdown and power-on to regain functionality.
David
Dennis
came with the idea and wants to see, realize what will happen when this
command is tested over a large group of people, He wrote a program that would
send the “ext.” command to many PLATO
terminals at the same time sitting in a room. One morning, he tested his
program; it resulted many of the users in
a room having to power off at once. He continued to test his program at other
locations
In
1999, the
first large scale DDoS attack occurred when
the attacker disable the University of
Minnesota’s computer network for over two days by using the “Trinoo” tool.
Other forms of DoS attack are:
1.
Ping
Of Death
On the Internet, ping of death is a denial of service (DoS) attack caused by an attacker deliberately sending an IP packet
larger than the 65,536 bytes allowed by the IP protocol. One of the features of TCP/IP is fragmentation; it allows a
single IP packet to
be broken down into smaller segments. In 1996, attackers began to take
advantage of that feature when they found that a packet broken down into
fragments could add up to more than the allowed 65,536 bytes. Many operating
systems didn't know what to do when they received an oversized packet, so they
froze, crashed, or rebooted.
Comments
Post a Comment