Types of Denial of Service Attack 1

Smurf Attack:

This form of an attack involves sending Internet Control Message Protocol (ICMP) or ping requests to multiple Internet Protocol (IP) broadcast addresses. All of these messages have a spoofed source address of the intended victim. The hosts receiving the ICMP echo request upon accepting it reply with an echo to the source address, which in this case is the target of the attack. The weight of this attack is therefore effectively multiplied by the number of responding hosts. If the attack took place on a multi-broadcast network there could potentially be hundreds of machines to reply to each packet sent.

UDP Flood:
A UDP flood, also known as a fraggle, is a cousin to the Smurf attack. This is based on UDP echo and character generator (chargen). It uses a forged UDP packet to connect the echo service on one machine to the chargen on another. These two machines then use up all available bandwidth, sending characters back and forth between themselves.

SYN Flood:
A SYN flood exploits the TCP standard 3-way handshake protocol. The attacker initiates a connect request to the server and then ignores the acknowledgement (ACK). This forces the server to wait for the ACK from the attacker, wasting time and resources. A server can at any given time only process a fixed number of requests and so this form of attack can effectively block all legitimate traffic.

The following are examples of distributed denial of service attacks and the way in which the zombie machines in each case are controlled. There are numerous variations of this kind of attack in existence.

We will post the next lesson shortly!