MOD 10 - Denial of Service Flashcards
Slowloris attack
DoS attack against a web server that works by sending many partial HTTP requests. The server opens multiple connections and waits for the requests to complete, which they never do. The attacker keeps doing this to max out the server’s connection pool, so legitimate users can’t initiate their own requests.
Botnets
Review what a botnet is, typical setup, and Scanning Methods for Finding Vulnerable Machines
Hit-List scanning
With this technique, you first build a (hit) list of machines that might potentially be vulnerable to attack (to get them to join your botnet). Then you scan those machines. Any machines you can take over can then help you scan the rest of your list.
Ping Of Death
Sending malformed or oversized ICMP ping packets in an attempt to crash the target
SYN Flood / TCP SYN attack
Abuses the TCP 3-way handshake and sends many SYN packets (connection requests) to overwhelm the target
Zero-Day
New or unknown vulnerability for which there is no defense in place yet
*Cognitive radios
Implement cognitive radios at the physical layer to handle wireless jamming and scrambling attacks. These devices can automatically move your communications to an unused (un-attacked) channel.