Thursday, September 15, 2011

What are DoS or DDoS attacks: Denial of Service Attack Tutorial

For any attack to succeed, a vulnerability must exist in the system. Vulnerabilities in software such as the operating system and applications can generally be removed by implementing proper patch management. But every system has an inherent vulnerability, its “limitations”, and that is the vulnerability DoS and DDoS attacks target.

To understand this better, take the example of a fully patched web server hosting an e-commerce application whose availability is at the core of the business. Because the server hosting the application is the most critical business asset, it has been properly patched, and we assume that neither the operating system nor any application has vulnerabilities. But like any other system, the server has the following limitations:

• Bandwidth
• Memory
• Processing Power

If any or all of these resources are fully consumed, end-user access to the e-commerce application is affected, creating a denial of service effect.

An attack that makes a service unavailable is called a DoS attack. Apart from exploiting vulnerabilities as discussed above, a DoS attack can also be performed by exploiting resource limitations. Some of the attacks that are possible on any computer system are given below:

• SYN Flood
• UDP Flood
• Malformed Packets
• TCP RST Attack
• ICMP Flood

Since the attacker uses a computer system very similar to the target's, the attacker suffers the same problem: to drive the target's CPU high, the attacker's computer also has to work hard, driving its own CPU high. To overcome this, attackers came up with a new method in which a small amount of attack traffic is initiated from a large number of computer systems towards the same target, creating a DoS effect for the target without creating one for the attacker. That method of attack is called a Distributed Denial of Service attack, or DDoS attack for short.
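The difference matters for defence, as this added example (not part of the original post) shows: a per-source rate limit restores service against a single-source flood but blocks nothing when the same load is spread over many sources. The capacity and limit values, the function names and the sample addresses are assumptions constructed for illustration.

```python
from collections import Counter

# Assumed values for illustration only; not taken from the original post.
CAPACITY = 100          # requests per window the server can serve
PER_SOURCE_LIMIT = 20   # requests per window tolerated from one source


def assess_window(sources, capacity=CAPACITY, per_source_limit=PER_SOURCE_LIMIT):
    """Assess one time window, given the source address of every request in it."""
    counts = Counter(sources)
    total = sum(counts.values())
    # Sources a per-source rate limit would block.
    offenders = sorted(ip for ip, n in counts.items() if n > per_source_limit)
    # Load still reaching the server once those sources are blocked.
    residual = total - sum(counts[ip] for ip in offenders)
    return {
        "total": total,
        "sources": len(counts),
        "offenders": offenders,
        "residual": residual,
        "overloaded": total > capacity,
        "limit_restores_service": residual <= capacity,
    }


def constructed_single_source():
    """Constructed sample: one host sends 150 requests, ten clients send 3 each."""
    flood = ["203.0.113.7"] * 150
    clients = [f"198.51.100.{i}" for i in range(1, 11) for _ in range(3)]
    return flood + clients


def constructed_distributed():
    """Constructed sample: 60 hosts send 5 requests each."""
    return [f"192.0.2.{i}" for i in range(1, 61) for _ in range(5)]


if __name__ == "__main__":
    for name, sample in (("single source", constructed_single_source()),
                         ("distributed", constructed_distributed())):
        print(name, assess_window(sample))
```

In the distributed sample every source stays well under the per-source limit, so mitigation has to act on aggregate load rather than on individual senders.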
