Common Cyber Attacks: Denial-of-Service (DoS) & Distributed Denial-of-Service (DDoS) Attacks

A denial-of-service attack exhausts a system’s resources, preventing it from responding to service requests. A distributed denial-of-service (DDoS) attack also targets a system’s resources, but it is launched from a large number of other host machines that are infected with malicious software controlled by the attacker.

Unlike attacks that are designed to let the attacker gain or increase access, denial-of-service attacks do not provide a direct benefit to the attacker. For some attackers, the satisfaction of denying service is enough. If, on the other hand, the attacked resource belongs to a business rival, the benefit to the attacker could be substantial.

TCP SYN flood attack, teardrop attack, smurf attack, ping-of-death attack, and botnets are the most common examples of DoS and DDoS attacks.

What is a TCP SYN flood attack?

This attack targets the control packets exchanged during the Transmission Control Protocol (TCP) synchronization handshake. The attacker’s computer fills the target system’s limited in-process queue of connection requests, but it never responds when the target system replies to those requests.
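The queue exhaustion described above can be modelled from the server's side. The following is an added example, not code from the original article: it replays constructed packet records through a simplified listener queue and reports which listeners reached their limit. The queue size, the timeout and all addresses are assumed values chosen for illustration.

```python
from collections import defaultdict

BACKLOG = 4          # assumed size of the listener's in-process queue
SYN_TIMEOUT = 30.0   # assumed seconds before an unanswered entry is discarded

def replay(packets, backlog=BACKLOG, timeout=SYN_TIMEOUT):
    """Replay (time, src, sport, dst, dport, flag) records seen at a server.

    flag is "S" for a client SYN and "A" for the ACK that completes the
    handshake. Returns (dropped, peak): the SYNs refused because the queue
    was full, and the largest queue length reached per listener.
    """
    pending = defaultdict(dict)   # (dst, dport) -> {(src, sport): SYN time}
    peak = defaultdict(int)
    dropped = []
    for t, src, sport, dst, dport, flag in packets:
        queue = pending[(dst, dport)]
        # Discard half-open entries whose final ACK never arrived.
        for peer in [p for p, t0 in queue.items() if t - t0 > timeout]:
            del queue[peer]
        peer = (src, sport)
        if flag == "A":
            queue.pop(peer, None)             # handshake done, slot freed
        elif flag == "S" and peer not in queue:
            if len(queue) >= backlog:
                dropped.append((t, src, sport))   # no room for this client
            else:
                queue[peer] = t
                peak[(dst, dport)] = max(peak[(dst, dport)], len(queue))
    return dropped, dict(peak)

def flag_listeners(packets, backlog=BACKLOG, timeout=SYN_TIMEOUT):
    """Listeners whose queue reached its limit: candidates for an alert."""
    _, peak = replay(packets, backlog, timeout)
    return sorted(listener for listener, n in peak.items() if n >= backlog)

# Constructed sample traffic (documentation address ranges only).
SERVER = ("192.0.2.10", 443)
SAMPLE = [(0.0, "198.51.100.7", 40000, *SERVER, "S"),
          (0.1, "198.51.100.7", 40000, *SERVER, "A")]
# Four SYNs that are never followed by the completing ACK.
SAMPLE += [(1.0 + i / 10, f"203.0.113.{i + 1}", 50000 + i, *SERVER, "S")
           for i in range(4)]
SAMPLE += [(2.0, "198.51.100.8", 40001, *SERVER, "S"),    # queue is full
           (40.0, "198.51.100.8", 40002, *SERVER, "S"),   # entries expired
           (40.1, "198.51.100.8", 40002, *SERVER, "A")]

if __name__ == "__main__":
    print(replay(SAMPLE))
    print(flag_listeners(SAMPLE))
```

In the sample, the client that connects at 2.0 seconds is refused because four unanswered entries hold every slot, and the same client succeeds at 40.0 seconds once those entries have timed out.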

What is a teardrop attack?

This attack causes the length and fragmentation offset fields in sequential Internet Protocol (IP) packets to overlap on the targeted host; the attacked device attempts to reassemble the packets during the process but fails. The target machine becomes overwhelmed and crashes as a result. If users do not have the required patches to defend against this DoS attack, disable SMBv2 and block ports 139 and 445.

What is a smurf attack?

This attack saturates a target system with traffic by using IP spoofing and the ICMP protocol. It relies on ICMP echo requests directed at broadcast IP addresses. All of these ICMP requests are sent from a forged “victim” address. For example, if the attacker’s intended victim address is 10.0.0.10, he will spoof an ICMP echo request from 10.0.0.10 to the broadcast address 10.255.255.255.

Cyber Security Professional | Red Team