Wednesday 3 November 2010

DoS studies

Well, I've recently been learning about denial of service attacks, and I must admit it is an intriguing subject. Some info:

  • The SYN flood method of DoS attacks is perhaps the simplest and spoofs the source IP address, so it can't be traced.
  • The SYN flood method (illustrated in the first, rather funny picture) works by sending a SYN packet whose IP header carries an invalid sender IP address. When the server responds with a SYN-ACK packet there is no reply, so it resends it several more times and then finally closes the connection. This is a lot of resource usage for each packet.
  • When several computers are used in a DoS attack it is called a Distributed DoS attack or DDoS attack.
  • Another method of causing denial of service, and more effective than the simple SYN flood method, is the Slowloris method. The Slowloris method is, however, traceable because it relies on creating a connection, meaning the IP has to be sent. The Slowloris method is also ineffective on IIS servers.
DISCLAIMER: THE AUTHOR IS NOT RESPONSIBLE FOR ANY DAMAGE THAT MAY BE CAUSED USING INFORMATION POSTED ON THIS BLOG. IT IS FOR EDUCATIONAL PURPOSES ONLY.
    (LOL'd)
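
The half-open connections that a SYN flood leaves waiting on the server show up on Linux as entries in the SYN_RECV state. As an added example (not part of the original post), this Python counts them per local port from a table in /proc/net/tcp layout; the sample rows, the threshold and the function names are constructed for illustration, and a little-endian host is assumed for address decoding.

```python
import socket
import struct
from collections import defaultdict

SYN_RECV = "03"  # state code /proc/net/tcp uses for half-open connections

# Constructed sample in /proc/net/tcp layout (documentation address ranges).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0A00000A:0050 057100CB:D431 01 00000000:00000000 00:00000000 00000000    33        0 1002
   2: 0A00000A:0050 010200C0:C001 03 00000000:00000000 01:00000064 00000002     0        0 0
   3: 0A00000A:0050 4D0200C0:C002 03 00000000:00000000 01:00000064 00000003     0        0 0
   4: 0A00000A:0050 096433C6:C003 03 00000000:00000000 01:00000064 00000002     0        0 0
   5: 0A00000A:0050 C87100CB:C004 03 00000000:00000000 01:00000064 00000004     0        0 0
   6: 0A00000A:01BB 176433C6:C005 03 00000000:00000000 01:00000064 00000001     0        0 0
"""

def decode(addr):
    """Turn '010200C0:C001' into ('192.0.2.1', 49153); assumes a little-endian host."""
    ip_hex, port_hex = addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def half_open_by_port(proc_net_tcp):
    """Map local port -> set of remote IPs with a connection stuck in SYN_RECV."""
    pending = defaultdict(set)
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != SYN_RECV:
            continue
        _, local_port = decode(fields[1])
        remote_ip, _ = decode(fields[2])
        pending[local_port].add(remote_ip)
    return pending

def suspicious_ports(proc_net_tcp, threshold):
    """Ports with half-open connections from at least `threshold` distinct sources."""
    return sorted(port for port, ips in half_open_by_port(proc_net_tcp).items()
                  if len(ips) >= threshold)

if __name__ == "__main__":
    for port in suspicious_ports(SAMPLE, threshold=3):  # threshold is illustrative
        sources = sorted(half_open_by_port(SAMPLE)[port])
        print(f"port {port}: {len(sources)} half-open connections from {sources}")
```

On a live server the same functions can be fed the contents of /proc/net/tcp, with the threshold set from that server's normal traffic.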
