Skip to main content

Denial of service attacks

Denial of service attacks 
10.1.3 his page will teach students about denial of service (DoS) attacks. DoS attacks are designed to deny services to legitimate hosts that try to establish connections. DoS attacks are commonly used by hackers to halt system responses. One type of DoS is known as SYN flooding. SYN flooding exploits the normal three-way handshake and causes targeted devices to acknowledge to source addresses that will not complete the handshake.
The three-way handshake begins when the initiating host sends a SYN packet. The SYN packet includes the source IP address and the destination IP address. This source and destination address information is used by the recipient to send the acknowledgment packet back to the initiating device. 
In a DoS attack, the hacker initiates a SYN but spoofs the source IP address. Spoofing is a term used when the receiving device replies to a non-existent, unreachable IP address and then is placed in a wait state until it receives the final acknowledgment from the initiator. The waiting request is placed in a connection queue or a holding area in memory. This wait state requires the attacked device to use system resources, such as memory, until the connection timer times out. Hackers will flood the attacked host with false SYN requests to utilize all of its connection resources and prevent it from responding to legitimate connection requests.
To defend against these attacks, system administrators may decrease the connection timeout period and increase the connection queue size. Software also exists that can detect these types of attacks and initiate defensive measures.
The next page will discuss the concept of windowing.

Comments

Post a Comment

Popular posts from this blog

OSI layers / Peer-to-peer communications / TCP/IP model

OSI layers 2.3.4 This page discusses the seven layers of the OSI model. The OSI reference model is a framework that is used to understand how information travels throughout a network. The OSI reference model explains how packets travel through the various layers to another device on a network, even if the sender and destination have different types of network media. In the OSI reference model, there are seven numbered layers, each of which illustrates a particular network function. - Dividing the network into seven layers provides the following advantages: • It breaks network communication into smaller, more manageable parts. • It standardizes network components to allow multiple vendor development and support. • It allows different types of network hardware and software to communicate with each other. • It prevents changes in one layer from affecting other layers. • It divides network communication into smaller parts to make learning it easier to understand. In the foll...
Post a Comment
Read more

Advantages and disadvantages of link-state routing

Advantages and disadvantages of link-state routing 2.1.5  This page lists the advantages and disadvantages of link-state routing protocols. The following are advantages of link-state routing protocols:  Link-state protocols use cost metrics to choose paths through the network. The cost metric reflects the capacity of the links on those paths. Link-state protocols use triggered updates and LSA floods to immediately report changes in the network topology to all routers in the network. This leads to fast convergence times. Each router has a complete and synchronized picture of the network. Therefore, it is very difficult for routing loops to occur. Routers use the latest information to make the best routing decisions. The link-state database sizes can be minimized with careful network design. This leads to smaller Dijkstra calculations and faster convergence. Every router, at the very least, maps the topology of it...
Post a Comment
Read more

PC Basic...

• Backplane – A backplane is an electronic circuit board containing circuitry and sockets into which additional electronic devices on other circuit boards or cards can be plugged; in a computer, generally synonymous with or part of the motherboard. • Network interface card (NIC) – An expansion board inserted into a computer so that the computer can be connected to a network. • Video card – A board that plugs into a PC to give it display capabilities. • Audio card – An expansion board that enables a computer to manipulate and output sounds. • Parallel port – An interface capable of transferring more than one bit simultaneously that is used to connect external devices such as printers. • Serial port – An interface that can be used for serial communication in which only one bit is transmitted at a time. • Mouse port – A port used to connect a mouse to a PC. • USB port – A Universal Serial Bus connector. A USB port connects devices such as a mouse or printer to the computer ...
Post a Comment
Read more