- Denial of Service (DoS)
  - Definition: An attack designed to interrupt service or deny legitimate users access to resources by exploiting system flaws, overloading connections, or flooding the target with traffic.
- Distributed Denial of Service (DDoS)
  - Definition: A large-scale DoS attack using multiple computers, often part of a botnet, to overwhelm the target with traffic.
- Smurf Attack
  - Mechanism: Uses ICMP and involves three components: attacker, victim, and amplifying network. The attacker spoofs packet headers so that they appear to originate from the victim, and the amplifying network broadcasts the message.
  - Countermeasures: Disable broadcast at border routers, restrict ICMP traffic, and prevent spoofed packets from originating within the network.
- Fraggle Attack
  - Mechanism: Similar to Smurf but uses UDP instead of ICMP.
  - Countermeasures: Disable broadcast at border routers, restrict UDP traffic, employ IDS, apply patches, and block UDP ports 7 and 9.
- Land Attack
  - Mechanism: Sends a spoofed TCP SYN packet with the target’s IP address and an open port as both the source and destination, causing the machine to reply to itself continuously.
  - Effect: This can cause the machine to crash or become unresponsive.
- SYN Flood
  - Mechanism: Sends TCP connection requests (SYN packets) with a spoofed source address, causing the target system to wait for replies that never come, overwhelming system resources.
  - Countermeasures: Use SYN cookies or proxies to mitigate the impact.
- Teardrop Attack
  - Mechanism: Modifies the length and fragmentation offset fields of sequential IP packets, confusing the target system and causing it to crash.
  - Effect: Exploits a flaw in TCP/IP fragmentation to crash systems.
- Session Hijacking (Spoofing)
  - Mechanism: Alters a TCP packet to appear as if it comes from a trusted source, giving the attacker access to the network. Common methods include intercepting cookies and using TCP sequence number attacks.
  - Effect: The attacker can take over an existing session, gaining unauthorized access.

These attacks highlight the importance of implementing robust network security measures, such as firewalls, IDS/IPS, and proper network configuration, to protect against various types of threats.