10.3 - Denial of Service

 10.3 - Denial of service 

 

Key Terms: 

    • Denial-of-service attack – An attack that floods a computer with more packets than it can handle. 
    • Distributed denial-of-service attack – An attack that uses multiple computers and internet connections to flood target systems. 

 

Denial of Service Attack (DoS) 

This is when a hacker purposefully overloads a target computer/server with more packets than it can handle. This causes the target to become unavailable to legitimate connections. A DoS attack uses a single computer to attack a single target. 

 

Distributed Denial of Service Attack (DDoS) 

A DDoS attack performs the same job as a DoS attack however, the packets are sent from lots of different connections. Usually this is in the form of a network that a hacker has control of, like a botnet. A hacker would distribute specially designed malware that gives them an access point to be able to control the device remotely. 

 

Damage 

Both DoS and DDoS attacks can cause lots of damage to the target system, especially if the business relies on a web server. If the web server is down or slow, customers may not be able to buy products/services from the business, causing a loss of revenue. 

 

Motivation 

A denial-of-service attack does not give the hacker access to any resources on the network. However, they can be used as distractions as the network administration team may be focused on fixing the attack which provides the hacker a blind spot to infiltrate the network without being compromised. Another motivation could include defamation where the attacker’s main goal is to make the business look bad to its customers. 

 

Denial-of-Service Attack Types: 

    • Fragmentation attacks – This attack prevents packets from being reassembled. 
    • Volumetric attacks – Blocks traffic by taking up all available bandwidth between the target and the internet. 
    • Amplification attacks – Attacks that exploit vulnerable protocols. 
    • Application attacks – These attacks use up all of the resources that an application needs to run. 
    • TCP state exhaustion – These attacks target load-balances and firewalls. 

Comments

Post a Comment

Popular posts from this blog

OSA Assignment 1 - Task 3 GUIDE

Image
  OSA Assignment 1 – Task 3 Guide     Exam parameters   Time length – 5 hours (2x 2 ½ sessions)   Marks available – 28     Task 3: Design – Communication Equipment   In this task you are required to submit :   A technical proposal covering the switches, wireless infrastructure and specifications   Justification of planned network architecture and considerations for security, resilience, performance and redundancy   Evidence print screens   Annotated floor plan/network diagram     Technical Proposal   The technical proposal in task 3 follows a similar format as task 2. It's another large document detailing the requirements and recommendations for the company. In task 3, however , it should discuss communication and other digital equipment such as switches, CCTV and APs.   You should recommend multiple hardware solutions and justify between them.   Here are some examples of tables and information ...
Read more

OSA Assignment 1 - Task 1 GUIDE

  OSA Assignment 1 – Task 1 Guide     Exam parameters   Time length – 3 hours   Marks available – 20     Task 1: Planning   In this task you are required to submit :   A project plan   Gantt chart showing th e critical path   Explanation of legal requirements   Physical and digital threat countermeasures   Annotated floor plan     Gantt Chart   The Gantt Chart is the first document you should create. This details each phase of the project alongside the timescale to complete it.   Ensure you make a note of the deadline for the project along with any pre-requisites such as cabling. This should all be implemented into your Gantt Chart.   You can follow a layout like this:   Project:   Pre considerations (Gathering project timescale, risk assessments, ...)   Planning (Devising project plan, identifying budget, ...)   Design (Research hardware, identify topology, ...)   Pre ...
Read more

OSA Summer 2023 Mock - Task 1, Assignment 1

Image
  OSA Summer 2023 Mock – Task 1           Legal requirements   The company must ensure they are compliant with the correct legislation whilst the project is undertaken.   If any person is working at height, the correct safety measures to prevent injury or death must be imposed under The Work at Height Regulations 2005. They must have an appropriate safety harness on and hazardous areas at height should be i dentified in the risk assessment.   By storing data internally on a local file server, the business is responsible for maintaining the confidentiality, availability and integrity of that data. They must comply with The Data Protection Act 2018 and General Data Protection Regulations.   Display screen equipment regulations (DSE) should be considered when installing workstations. Ergonomic and posture-friendly chairs should be installed and employees given appropriate breaks from working around screens.     Data p...
Read more