First page Back Continue Last page Summary Graphics
Denial of Service Attacks
They are the easiest and most common kind of attack.
You can't protect against them completely.
Some can be protected against at the operating system level.
TCP SYN Flooding
ping Flooding: smurf Attacks
Packet Fragmentation Bombs
Denial-of-service attacks are based on the idea of flooding your system with packets in such a way as to disrupt or seriously degrade your Internet connection, tying up local servers to the extent that legitimate requests cant be honored, or in the worst case, crashing your system altogether. The two most common results are keeping the system too busy to do anything useful and tying up critical system resources.
You cant protect against denial-of-service attacks completely. They can take as many different forms as the attackers imagination allows. Anything that results in a response from your system, anything that results in your system allocating resources, anything that induces a remote site to stop communicating with you, all can be used in a denial-of-service attack.
These attacks usually involve one of several classic patterns, however, including TCP SYN flooding, ping flooding, UDP flooding, and ICMP routing redirect bombs.