What is DoS Attack?
A denial of service attack’s up all of the system resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet so that others can’t connect. DoS atack hitting the target server, network resources or service with too many requests at the same time for this reason server deny to respond to all the requests. The effect of this can either be crashing the servers or extremely slowing them down. DoS’s intent is to deny legitimate users access to a resource such as a website, network, server, WiFi etc.
DoS vs DDoS Attack
There are two general forms of DoS attacks DoS & Distributed DoS. in distributed denial of service(DDoS) attack involves more than one attack source. main difference between DoS and DDoS Attacks is that The DoS attack typically uses one computer and one Internet connection to flood a targeted network or resource. The DDoS attack uses multiple compromise computers(Zombies or Botnet) and Internet connections to flood with data packets the targeted resource.
Criminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as e-commerce sites, banks, credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. DDoS cutting off some business from the internet can lead to significant or financial loss.
DoS/DDoS Attack Method
DoS Attack can categorize into at least three different types.
1. Volumetric Attacks
Volumetric attacks are the most common types of DoS attack about 65% attacks are volumetric attack. Volumetric Attacks that use massive amount of traffic saturating the bandwidth of the target. Attacker simply sends a large volume of useless packets to the target thereby using up all the resources.
2. Fragmentation/Protocol Attacks
Fragmentation attacks are a common form of denial of service attack, in which the perpetrator overbears a network by exploiting datagram fragmentation mechanisms. fragmentation attack use the resources of the network equipment on the periphery of the server such a firewalls, intrusion detection systems, and switches. fragmentation attacks can take several forms. While they all exploit the breakdown of datagrams in order to overbear the target networks.
3. Application layer Attack
An application layer attack is a form of DDoS attack where attackers target the application layer of the OSI model attacker exploit a weakness in the layer 7 protocol stack. The attack over-exercises specific functions or features of a website with the intention to disable those functions or features.
DoS/DDoS Attack Tools
The following are some of the popular tools that can be used to perform DoS and DDoS attacks.
- HULK (HTTP Unbearable Load King)
- RUDY (R-U-Dead-Yet)
- LOIC (The Low Orbit Ion Cannon)
- UDP flooder
- Tor’s Hammer
- DDOSIM – Layer 7 DDoS Simulator
Remember that many jurisdictions have laws under which denial-of-service attacks are illegal.
In India, denial-of-service attack is illegal, according to section 66-f of Indian information technology act of 2000 if any person denies access to an authorized personnel to a computer resource, accesses a protected system or introduces contaminant into a system, which the intention of threatening the unity, integrity, sovereignty or security of India, then he commits cyber terrorism.
In the US, denial-of-service attacks may be considered a federal crime under the Computer Fraud and Abuse Act with penalties that include years of imprisonment. The Computer Crime and Intellectual Property Section of the US Department of Justice handles cases of (D)DoS.
In European countries, committing criminal denial-of-service attacks may, as a minimum, lead to arrest. The United Kingdom is unusual in that it specifically outlawed denial-of-service attacks and set a maximum penalty of 10 years in prison with the Police and Justice Act 2006, which amended Section 3 of the Computer Misuse Act 1990.
DoS Attack Practical Demo
Videos are education purpose only please don’t try it at any website or network of without permission.
1. Taking down WiFi Network.
2. Taking down website.
Keep coming back…