Chapter 7 (DOS attacks) Flashcards
What is a DOS attack
An action which prevents or impairs the authoirzed use of networks, systems, or applications by exausting resources such as CPU, memory, bandwidth, and disk space
3 categories of resources that can be attacked during a DOS attack
why are source ip addresses spoofed
makes identifying attacking systems harder to identify
what does SYN spoofing do
attacks ability of a server to respond to future connection requests by overflowing tables used to manage them
What does a 3 way TCP connection handshake look like
how are flooding attacks classified
based on network protocol used
what are flooding attacks intent
overload the network capacity on some link to a server
what is a distributed denial of service attack (DDOS)
uses multiple systems to generate attacks
what is an http flood
attack that bombards web servers with http requests
what is spidering
bots start at a given http link and follows all links on page recursivly
what is a slowloris attack
it attempts to monopolize by sending http requests that never complete
what is a reflection attack
attacker sends packets to a known service on the intermediary with a spoofed source address of the actual target system
when intermediary responds, the response is sent to the target
“reflects” the attack off the intermediary
what is a dns amplification attack
Exploit DNS behavior to convert a small request to a much larger response (amplification)
what is the way to prevent dns amplification attacks
do not allow spoofed source addresses
what are these examples of
ways to prevent DOS attacks
