Denial of Service and Social Engineering Flashcards
What is a DoS attack?
A denial of service or DoS attack is one in which the primary goal of the perpetrator is to prevent legitimate users from accessing a resource.
Why is DoS considered a nasty attack?
Easy to launch, hard to trace
What are the two broad types of DoS?
Flooding attack - overwhelm a system by sending a flood of real-looking but unnecessary data so that its resources are consumed
Logic DoS attack - exploit the vulnerabilities of the target intelligently
What is a ping flood?
The hacker sends large ping packets continuously to the target machine, thus overwhelming it.
What is a TCP SYN attack?
The victim server is flooded with spoofed TCP SYN requests at a high rate from fake source IP addresses. The attacker does not send the second SYN-ACK segment, resulting in a number of half-open TCP connections on the server.
What is a land attack?
Attacker sends a TCP SYN segment that has been tweaked so that the source IP address and the destination IP address are both that of the victim machine. The victim machine receiving this segment opens an empty TCP connection with itself.
What is a tear drop attack?
This attack uses fragmented IP packets to launch the DoS attack. In a tear drop attack, the attacker repeatedly fragments IP packets and sends all but one fragment in each packet to the destination.
What is a ping of death?
This attack uses a fragmented ping packet. Sending a large ping packet will result in fragmentation. This has been known to cause many systems to crash, freeze or reboot
What is a smurf attack?
In the smurf attack, the attacker broadcasts an ICMP echo request to a network. The packet has been tweaked so that the source IP address is that of the victim. This will result in all the hosts on the network sending ICMP replies to the victim
What is a UDP flood?
The attacker sends a UDP packet to a random port on a victim machine. When the victim machine receives this, it sends an ICMP destination unreachable reply, since there is probably no application on this port. If a large number of such UDP packets are sent on different ports, the victim machine will be overloaded trying to determine if there are awaiting applications and then generating and sending ICMP replies.
What is an HTTP VERB attack?
HTTP VERBs include POST, GET, PUT etc. DoS attacks can target HTTP servers using these methods. There are several types of HTTP VERB attacks including excessive VERB, excessive VERB single session, Multiple VERB single request, Recursive GET, and SQL attack
What is an SSL-based DDoS attack?
In an SSL-based DDoS attack, the attacker sends queries to load-heavy parts of a website; the decryption and search operations are done at the server side.
What is a botnet DDoS attack?
Linux based botnets are being increasingly used to launch DDoS attacks.
What are some mitigation strategies for DoS attacks?
Traffic monitoring; egress filtering; install packages against well-known DoS attacks; know your customers; overprovision bandwidth; sign up for DDoS detection and mitigation; have a disaster recovery plan in place; prevention of botnet-based DDoS attacks
What is social engineering?
It is the art and science of getting people to comply with your wishes.