First page Back Continue Last page Summary Graphics
Denial of Service Attacks
Denial of Service attacks are based on the idea of flooding your network or systems with packets in such a way as to disrupt or seriously degrade your network connections, tying up local servers to the extent that legitimate requests can't be honored, or crashing the system.
You can't protect against them completely.
They are the easiest and most common kind of attack.
TCP SYN Flooding
UDP Flooding (chargen, echo)
ping Flooding: smurf Attacks
Ping of Death
ICMP Redirect Bombs
Packet Fragmentation Bombs
Denial-of-service attacks are based on the idea of flooding your system with packets in such a way as to disrupt or seriously degrade your Internet connection, tying up local servers to the extent that legitimate requests cant be honored, or in the worst case, crashing your system altogether. The two most common results are keeping the system too busy to do anything useful and tying up critical system resources.
You cant protect against denial-of-service attacks completely. They can take as many different forms as the hacker's imagination allows. Anything that results in a response from your system, anything that results in your system allocating resources, anything that induces a remote site to stop communicating with you, all can be used in a denial-of-service attack.
These attacks usually involve one of several classic patterns, however, including TCP SYN flooding, ping flooding, UDP flooding, and ICMP routing redirect bombs.