A denial of service attack means that an attacker prevents legitimate users from accessing information and services. In this report I will write about the definition of denial of service, the distributed denial of service attack, the reflected attack, how to know that a DoS attack is happening, the types of DoS, and how a denial of service attack works.
Definition of denial of service:
A DoS attack means that an attacker prevents legitimate users from accessing information and services. The attacker may also be able to prevent you from accessing email, websites and other services.
Distributed denial of service attack:
The attacker uses your computer to attack another computer. How can the attacker do that? The attacker takes advantage of a security weakness, and once that has happened, the attacker can control your computer. The attacker then sends large amounts of data to a website and sends spam to email addresses. The attack is distributed because the attacker is using many computers. The major advantage that leads attackers to use a distributed denial of service attack is that multiple machines can generate more attack traffic than one machine.
"A distributed reflected denial of service attack (DRDoS) involves sending forged requests of some type to a very large number of computers that will reply to the requests. Using Internet protocol spoofing, the source address is set to that of the targeted victim, which means all the replies will go to and flood the target. ICMP Echo Request attacks (Smurf Attack) can be considered one form of reflected attack, as the flooding host(s) send Echo Requests to the broadcast addresses of misconfigured networks, thereby enticing many hosts to send Echo Reply packets to the victim. Some early DDoS programs implemented a distributed form of this attack." (Charalampos Patrikakis, December 2009)
How do you know that a DoS attack is happening?
You can tell that a DoS attack is happening if there are technical problems with the network. For example, the network performance is unusually slow, a particular website is unavailable, or the amount of spam in your account increases.
Types of denial of service:
TCP floods: a stream of TCP packets with various flags set is sent to the victim IP address.
ICMP echo request/reply: a stream of ICMP packets is sent to the victim IP address. An example of this type is the ping flood.
UDP floods: a stream of UDP packets is sent to the victim IP address.
How a denial of service attack works:
During a connection, the user sends a message to the server asking to be authenticated. The server returns the authentication approval to the user. The user acknowledges this approval and is allowed onto the server. In an attack, the user sends authentication requests to the server, and all of the requests have false return addresses, which means the server can't find the user when it tries to send the authentication approval. The server waits, sometimes more than a minute, before closing the connection. When it does close the connection, the attacker sends a new batch of requests, and the process begins again.
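
The pattern described above, batches of requests whose replies are never acknowledged, can be looked for in a server's connection log. The following is an added example, not part of the original report; the log format, the REQ/ACK event names, the addresses, and the wait, window and threshold values are assumptions constructed for illustration.

```python
from collections import Counter

# Constructed sample log (not real traffic): (second, source address, event).
# REQ = authentication request received, ACK = user acknowledged the reply.
SAMPLE_LOG = [
    (0, "198.51.100.7", "REQ"), (1, "198.51.100.7", "ACK"),
    (2, "203.0.113.10", "REQ"), (2, "203.0.113.11", "REQ"),
    (2, "203.0.113.12", "REQ"), (3, "203.0.113.13", "REQ"),
    (3, "203.0.113.14", "REQ"), (4, "198.51.100.9", "REQ"),
    (5, "198.51.100.9", "ACK"), (70, "203.0.113.20", "REQ"),
    (70, "203.0.113.21", "REQ"), (71, "203.0.113.22", "REQ"),
    (71, "203.0.113.23", "REQ"), (72, "203.0.113.24", "REQ"),
]

def unanswered_requests(log, wait=60):
    """Return sorted [(second, source)] for requests not acknowledged within `wait`.

    Assumes the log is in chronological order and ends at least `wait`
    seconds after its last request, so anything still pending has timed out.
    """
    pending, timed_out = {}, []
    for second, source, event in log:
        if event == "REQ":
            pending.setdefault(source, []).append(second)
        elif event == "ACK" and pending.get(source):
            started = pending[source].pop(0)
            if second - started > wait:  # too late, the server already gave up
                timed_out.append((started, source))
    # Requests that were never acknowledged at all (false return address).
    for source, starts in pending.items():
        timed_out.extend((started, source) for started in starts)
    return sorted(timed_out)

def flood_windows(log, wait=60, window=10, threshold=5):
    """Return the start second of each `window`-second bucket that holds
    at least `threshold` unanswered requests."""
    buckets = Counter((second // window) * window
                      for second, _ in unanswered_requests(log, wait))
    return sorted(start for start, count in buckets.items() if count >= threshold)

if __name__ == "__main__":
    print("unanswered:", len(unanswered_requests(SAMPLE_LOG)))
    print("suspicious windows start at:", flood_windows(SAMPLE_LOG))
```

On the constructed log, the two legitimate users complete their exchange, while the two batches about a minute apart are flagged, matching the "new batch after the server closes the connection" behaviour.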