Types of DOS Attacks and How to Protect From a DOS Attack

DOS Attack (denial of service attack)

DOS attack (denial of service attack)is a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic and an attempt to make a machine or network resource unavailable to its intended users. It  consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the internet.

There are most important types of DOS attacks below :

1. Flood Attack :- Flood attacks are the first known form of a DOS attack. The mechanism of a flood attack is simple attackers send more traffic to a server than it can handle. It the bandwidth of the victim is good, a flood attack has a chance to succeed only if it is a DDOS. Even if a webmaster adds more bandwidth, this still is not a sufficient protection against a flood attack. However, if the bandwidth is insufficient, even the normal volume of legitimate requests can look like a flood attack. Sometimes when a site gets traffic from popular sites, for ex. The front page of Digg, this could look like a DDOS attack but actually this is really legitimate traffic.

2. Buffer Overflow Attack :- Most commonly used DOS attack, can be performed locally or remotely. Most commonly used attack method is using a vulnerable application of program. Result of compromise on security of network. Common modes of attacks are misuse of internal resources and altering configuration.

3. Ping of Death :- In this type of attack an attacker deliberately sends an ICMO echo packet of more than 65536 bytes. IP Packet with size of 65536 bytes is oversized packet for TCP/IP stack. Many Operating System don’t know how to response to such huge packet resulting in freezing or crashing down, Attack mode can be classified as altering of configuration and misuse of resources.

4. Smurf Attack :- The Smurf attack is one more way to paralyze a network, this time from the inside. The mechanism of a Smurf attack is more sophisticated and the critical part is to discover a broadcast server. When a hacker knows the broadcast servers in a network, he or she sends a ping request. The source IP address in this ping request is fake and it looks as if looks as if the ping comes from inside the network. When the broadcast server receives the ping request, the ping request is sent to the entire network and all the machines in the network return a response. These responses are further redirected by the broadcast server to the target machine. Smurf attacks are more difficult to defend against but still if a network is well planned and properly maintained, their effect shouldn’t be a devastating one.

5. Teardrop Attack :- This attack takes advantage of fragmentation of IP packets during transmission. A large packet is chopped in pieces for easy transmission with each having sequence number in offset so that when all chucks get received they can be easily combined. In tear drop attack an attacker manipulates the offset value of the second or later fragment to overlap with previous or next one, This attack may cause hang and crash of system. Mode of attack is altering configuration.

6. SYN Attack :- SYB attacks also exploit a weakness in the TCP/IP protocol. When a connection is established via TCP/IP, this involves a handshaking mechanism, which consists of the exchange of SYN and ACK messages. When a hacker floods the receiving system with SYN messages, this fills the SYN buffer. In this case the receiving party can’t send an ACK message and no TCP/IP connections with any hosts are possible.

How To Protect From A DOS Attack (denial of service attack) :-

With dotDenfender web application firewall you can avoid DOS attacks because dotDefender inspects your HTTP traffic and check their packets against rules such as to allow or deny protocols, ports or IP addresses to stop web applications from being exploited. Architect-ed as plug and play software, dotDefender provides optimal out of the box protection against DOS threats, cross site scripting, SQL Injection attacks, path traversal and many other web attack techniques. So dotDefender is the simple solution to protect you from DOS attacks.