Đánh sập web bằng ddos

  -  

What is DoS Attack?

DOS is an attack used to deny legitimate users access lớn a resource such as accessing a trang web, network, emails, etc. or making it extremely slow. DoS is the acronym for Denial of Service. This type of attack is usually implemented by hitting the target resource such as a web server with too many requests at the same time. This results in the server failing lớn respond lớn all the requests. The effect of this can either be crashing the servers or slowing them down. Cutting off some business from the mạng internet can lead to lớn significant loss of business or money. The internet và computer networks power a lot of businesses. Some organizations such as payment gateways, e-commerce sites entirely depend on the mạng internet khổng lồ vị business. In this tutorial, we will introduce you to lớn what denial of service attachồng is, how it is performed and how you can protect against such attacks.

Topics covered in this tutorial

Types of Dos Attacks

There are two types of Dos attacks namely;


Bạn đang xem: đánh sập web bằng ddos

DoS– this type of attaông chồng is performed by a single host Distributed DoS– this type of attachồng is performed by a number of compromised machines that all target the same victyên. It floods the network with data packets. Ultimate guide to lớn DoS(Denial of Service) Attacks

How DoS attacks work

Let’s look at how DoS attacks are performed and the techniques used. We will look at five sầu common types of attacks. Ping of Death The ping commvà is usually used khổng lồ chạy thử the availability of a network resource. It works by sending small data packets to lớn the network resource. The ping of death takes advantage of this & sends data packets above sầu the maximum limit (65,536 bytes) that TCP/IPhường allows. TCP/IP fragmentation breaks the packets into small chunks that are sent to the server. Since the sent data packages are larger than what the server can handle, the server can freeze, reboot, or crash. Smurf This type of attaông chồng uses large amounts of Internet Control Message Protocol (ICMP) ping traffic target at an Internet Broadcast Address. The reply IPhường address is spoofed to lớn that of the intended victyên ổn. All the replies are sent lớn the victim instead of the IP.. used for the pings. Since a single Internet Broadcast Address can support a maximum of 255 hosts, a smurf attaông chồng amplifies a single ping 255 times. The effect of this is slowing down the network to lớn a point where it is impossible to lớn use it. Buffer overflow A buffer is a temporal storage location in RAM that is used lớn hold data so that the CPU can manipulate it before writing it baông chồng to lớn the disc. Buffers have a form size limit. This type of attaông chồng loads the buffer with more data that it can hold. This causes the buffer to lớn overflow và corrupt the data it holds. An example of a buffer overflow is sending emails with tệp tin names that have sầu 256 characters. Teardrop This type of attaông xã uses larger data packets. TCP/IPhường breaks them into fragments that are assembled on the receiving host. The attacker manipulates the packets as they are sent so that they overlap each other. This can cause the intended victlặng to crash as it tries lớn re-assemble the packets.

Xem thêm: Cách Chỉnh Màn Hình Máy Tính Nhỏ Lại Win Xp Chỉ Với 1 Click Chuột



Xem thêm: Lỗi Không Thể Tải Plugin Chrome, Plugin Flash, Khắc Phục Lỗi Plugin Trên Google Chrome

SYN attack SYN is a short khung for Synchronize. This type of attaông chồng takes advantage of the three-way handshake to lớn establish communication using TCP. SYN attachồng works by flooding the victim with incomplete SYN messages. This causes the victyên ổn machine khổng lồ allocate memory resources that are never used and deny access khổng lồ legitimate users.

DoS attachồng tools

The following are some of the tools that can be used khổng lồ perform DoS attacks. L& and LaTierra– this tool can be used for IPhường spoofing và opening TCPhường connections Panther- this tool can be used lớn flood a victim’s network with UDP. packets. Botnets– these are multitudes of compromised computers on the Internet that can be used to persize a distributed denial of service attachồng.

DoS Protection: Prevent an attack

An organization can adopt the following policy to lớn protect itself against Denial of Service attacks. Attacks such as SYN flooding take advantage of bugs in the operating system. Installing security patches can help reduce the chances of such attacks. Intrusion detection systems can also be used lớn identify và even stop illegal activities Firewalls can be used to lớn stop simple DoS attacks by blocking all traffic coming from an attacker by identifying his IP.. Routers can be configured via the Access Control List khổng lồ limit access lớn the network và drop suspected illegal traffic.

Hacking Activity: Ping of Death

We will assume you are using Windows for this exercise. We will also assume that you have sầu at least two computers that are on the same network. DOS attacks are illegal on networks that you are not authorized to lớn vày so. This is why you will need to lớn setup your own network for this exercise. Open the comm& prompt on the target computer Enter the comm& ipconfig. You will get results similar to the ones shown below Ultimate guide to lớn DoS(Denial of Service) Attacks For this example, we are using Smartphone Broadband connection details. Take note of the IP. address. Note: for this example to be more effective, & you must use a LAN network. Switch lớn the computer that you want khổng lồ use for the attaông xã & open the command prompt We will ping our victyên computer with infinite data packets of 65500 Enter the following commvà ping 10.128.131.108 –t |65500 HERE, “ping” sends the data packets lớn the victim “10.128.131.108” is the IP address of the victlặng “-t” means the data packets should be sent until the program is stopped “-l” specifies the data load khổng lồ be sent to the victyên ổn You will get results similar to the ones shown below Ultimate guide to lớn DoS(Denial of Service) Attacks Flooding the target computer with data packets doesn’t have sầu much effect on the victyên. In order for the attachồng khổng lồ be more effective sầu, you should attaông xã the target computer with pings from more than one computer. The above sầu attaông chồng can be used khổng lồ attacker routers, website servers etc. If you want to see the effects of the attaông chồng on the target computer, you can open the task manager & view the network activities. Right cliông chồng on the taskbar Select start task manager Clichồng on the network tab You will get results similar khổng lồ the following Ultimate guide khổng lồ DoS(Denial of Service) Attacks If the attaông chồng is successful, you should be able khổng lồ see increased network activities.

Hacking Activity: Launch a DOS attack

In this practical scenario, we are going lớn use Nemesy to generate data packets & flood the target computer, router or hệ thống. As stated above sầu, Nemesy will be detected as an illegal program by your anti-virus. You will have lớn disable the anti-virut for this exercise. Unzip it and run the program Nemesy.exe You will get the following interface Ultimate guide khổng lồ DoS(Denial of Service) Attacks Enter the target IP.. address, in this example; we have used the target IPhường we used in the above example. HERE, 0 as the number of packets means infinity. You can set it khổng lồ the desired number if you bởi vì not want khổng lồ sover, infinity data packets The form size field specifies the data bytes khổng lồ be sent và the delay specifies the time interval in milliseconds. Cliông chồng on send button You should be able to see the following results Ultimate guide to DoS(Denial of Service) Attacks The title bar will show you the number of packets sent