Denial of Service Attacks

An attack where a system is rendered unusable or is significantly slowed down for legitimate users. This is done by overloading resources so that no that legitimate users cannot access

Crashing the system
Flooding the system
Distributed Denial of Service Attachs
Types of Denial of Service Attacks
- Ping of Death - sends a very large ping packet to a host machine
- SSPing - sends a series of higly fragmented, oversized ICMP data packets
- Land Exploit - sends a TCP SYN packets where the target and source address and the port numbers are the same
- Smurf - sends forged ICMP packets to a broadcast address (fraggle - sends UDP echo packets)
- SYN Flood - opens a large number of half-open TCP/IP connections
- CPU Hog - causes NT machines to crash by using up all of the resources (sets priorities to the highest value)
- Win Nuke - sends out of band data to a Windows machine on port 139
- RPC Locator - sends data to port 135 causing 100% CPU utilization
- Jolt / Jolt2 - sends large number of identical fragmented IP packets
- Bubonic - randomly sends TCP packets with random settings increasing the load on the machine eventually crashing it
- Tools for running DOS and DDOS attackes
  - Tribal Flood Network 2000 (TFN2K)
  - Trinoo

Please mail any comments about this page to summers_wayne@ColumbusState.edu