Denial of Service

  • Accomplish nothing more than taking down a system or simply denying access to it by authorized users

  • Distributed denial-of-service (DDoS)

    • not from one system but many, usually part of a botnet (network of zombie computers)

  • Distributed reflection denial-of-service (DRDoS)

    • another way of saying botnet, also known as spoof attack

    • uses multiple intermediary machines to pull off the denial of service

    • having secondary machines send the attack lets the attacker remain hidden because the attack appears to come from those secondary machines

Categories

  • Fragmentation attacks

    • takes advantage of the system's ability to reconstruct fragmented packets

  • Volumetric attacks

    • also known as bandwidth attacks; they consume all available bandwidth for the system or service

  • Application attacks

    • consumes the resources necessary for the application to run, effectively making it unavailable to others

  • TCP state-exhaustion attacks

    • targets load balancers, firewalls, and application servers by attempting to consume their connection state tables

  • SYN attack

    • Hacker sends thousands of SYN packets to the machine with a false source IP address

    • Machine tries to respond with a SYN/ACK but will fail

    • Eventually all the machine's resources are engaged, making it useless

  • SYN flood

    • Hacker sends thousands of SYN packets to the target but never responds to any of the return SYN/ACK packets

    • Since the target has to wait to receive an answer to the SYN/ACK, it will eventually run out of available connections

  • ICMP flood

    • Attacker sends ICMP Echo packets to the target with a spoofed (fake) source address

    • target continues to respond to an address that doesn't exist and eventually reaches a limit of packets per second sent

  • Smurf

    • Attacker sends a large number of pings to the broadcast address of the subnet, with the source IP spoofed to that of the target

    • Entire subnet will then start sending ping responses to the target, using up all the resources

    • Fraggle is similar but uses UDP instead of ICMP

  • Ping of death

    • Attacker fragments ICMP message to send to a target

    • Resulting reassembled ICMP packet is larger than the maximum allowed size and crashes the system

    • This is not a valid attack with modern systems

  • Teardrop

    • Large number of garbled IP fragments with overlapping, oversized payloads are sent to the target machine

    • Takes advantage of weaknesses in the fragment reassembly function of the TCP/IP stack, causing the system to crash or reboot

  • Peer to peer

    • clients of a peer-to-peer file-sharing hub are disconnected and directed to connect with the target system

  • Permanent DoS (phlashing)

    • DoS attack that causes permanent damage to a system

    • Usually damages hardware, bricking the system
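Added example (not part of the original notes): a small detector that looks for two of the patterns listed above in a constructed packet log, the SYN flood / state-exhaustion signature (many sources whose SYNs are never followed by an ACK) and the Smurf signature (a burst of echo replies from many hosts to one target that never sent echo requests). Record format, addresses and thresholds are assumptions for illustration.

```python
"""Flag SYN-flood and Smurf traffic patterns in a constructed packet log.
Record shape (src, dst, proto, flag_or_type) and thresholds are assumptions."""
from collections import Counter, defaultdict

# Constructed sample log: one legitimate client, 40 spoofed SYN sources,
# and 31 hosts sending unsolicited echo replies to a second target.
SAMPLE = (
    [("10.0.0.5", "192.0.2.10", "tcp", "S")] * 3            # legitimate SYNs
    + [("10.0.0.5", "192.0.2.10", "tcp", "A")] * 3          # ...completed with ACKs
    + [(f"198.51.100.{i}", "192.0.2.10", "tcp", "S") for i in range(1, 41)]
    + [(f"203.0.113.{i}", "192.0.2.20", "icmp", "echo-reply") for i in range(1, 31)]
    + [("10.0.0.7", "192.0.2.20", "icmp", "echo-reply")]
)

def half_open_per_target(records):
    """Count SYNs per (src, dst) pair that never see an ACK from that src.
    A target accumulating many such half-open attempts is the SYN-flood /
    TCP state-exhaustion signature described in the notes."""
    syns, acked = Counter(), set()
    for src, dst, proto, flag in records:
        if proto != "tcp":
            continue
        if flag == "S":
            syns[(src, dst)] += 1
        elif flag == "A":
            acked.add((src, dst))
    per_target = defaultdict(int)
    for (src, dst), n in syns.items():
        if (src, dst) not in acked:
            per_target[dst] += n
    return dict(per_target)

def unsolicited_echo_replies(records):
    """Distinct sources sending echo replies to a host that sent them no
    echo request: the Smurf pattern (target spoofed as source of a broadcast ping)."""
    requested = {(s, d) for s, d, p, t in records if p == "icmp" and t == "echo-request"}
    sources = defaultdict(set)
    for src, dst, proto, kind in records:
        if proto == "icmp" and kind == "echo-reply" and (dst, src) not in requested:
            sources[dst].add(src)
    return {dst: len(s) for dst, s in sources.items()}

def alerts(records, syn_threshold=20, reply_source_threshold=10):
    """Return (pattern, target, count) tuples that exceed the illustrative thresholds."""
    found = [("syn_flood", dst, n) for dst, n in half_open_per_target(records).items()
             if n >= syn_threshold]
    found += [("smurf", dst, n) for dst, n in unsolicited_echo_replies(records).items()
              if n >= reply_source_threshold]
    return found
```

Real deployments would window these counts over time and baseline them per service, since a busy but healthy server also sees many SYNs.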
