Denial Of Service Attack - Planet GRT-504 User Manual

4-wire g.shdsl.bis firewall router

Hide thumbs Also See for GRT-504:

Quick installation manual (20 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

page of 152

/ 152
Contents
Table of Contents
Bookmarks

Table of Contents

3.3

Denial of Service Attack

Typically, Denial of Service (DoS) attacks result in two flavors: resource starvation and system

overloading. DoS attacks happen usually when a legitimate resource demanding is greater than

the supplying (ex. too many web requests to an already overloaded web server). Software

weakness or system incorrect configurations induce DoS situations also. The difference between a

malicious denial of service and simple system overload is the requirement of an individual with

malicious intent (attacker) using or attempting to use resources specifically to deny those

resources to other users.

Ping of death- On the Internet, ping of death is a kind of denial of service (DoS) attack caused by

deliberately sending an IP packet which size is larger than the 65,536 bytes allowed in the IP

protocol. One of the features of TCP/IP is fragmentation, which allows a single IP packet to be

broken down into smaller segments. Attackers began to take advantage of that feature when they

found that fragmented packets could be added up to the size more than the allowed 65,536 bytes.

Many operating systems don't know what to do once if they received an oversized packet, then

they freeze, crash, or reboot. Other known variants of the ping of death include teardrop, bonk and

nestea.

Hacker 's

System

Normal reassembled Packets

bytes from 1~1500

Reassembled teardrop packets

bytes from 1~1700

SYN Flood- The attacker sends TCP SYN packets, which start connections very fast, leaving the

victim waiting to complete a huge number of connections, causing it to run out of resources and

dropping legitimate connections. A new defense against this is the "SYN cookies". Each side of a

connection has its own sequence number. In response to a SYN, the attacked machine creates a

special sequence number that is a "cookie" of the connection then forgets everything it knows

about the connection. It can then recreate the forgotten information about the connection where

the next packets come in from a legitimate connection.

GRT-504 4-Wire G.SHDSL.bis Firewall Router User's Manual

Inturruption

Ping of Death Packet (112,000 bytes)

Normal IP Packet (Maximun 65,536 bytes)

bytes from 1501~3000

bytes from 1300~3200

Target

System

bytes from 3000~4500

bytes from 2800~4800

Table of Contents

Denial Of Service Attack - Planet GRT-504 User Manual

Denial of Service Attack

Related Manuals for Planet GRT-504

Related Content for Planet GRT-504

Table of Contents