An Overview of Network Intrusion Tactics: Denial of Service (DOS) Attacks

Why Do We Need to Secure Networks?

Networks are constantly under attack and can be infiltrated via various tactics, including malware, spoofing, packet sniffing, and much more. If a network is not protected from these tactics and is intruded upon, it could have a catastrophic impact on the organization.

Consider one of such intrusion tactics, denial of service (DoS) attacks.

What Is a Denial of Service Attack?

A denial of service, or DoS, attack is an attack that targets a network or server and floods it with network traffic.

The objective of this attack is to disrupt normal business operations by overloading an organization’s network with the goal of sending so much information that the network crashes or is unable to respond to legitimate users.

Types of DoS Attacks

Distributed Denial of Service (DDoS) Attack:

This type of DoS attack uses multiple devices or servers, in different locations to flood the target network with unwanted traffic. This attack archives effectiveness by exploiting devices such as computers, IoT devices, and other networked resources.

Network-level DoS Attacks:

These DoS attacks target network bandwidths on a server to slow traffic. Types of these attacks include:

• SYN (synchronize) flood attack: To understand this attack, you have to understand the process used to establish a transmission control protocol (TCP) connection between devices and a server. This process is often called the handshake process.

  
  

  The handshake process begins when a device sends a synchronize request to the server. The server responds with a SYN/ACK packet, acknowledging the receipt of the device’s request and leaves a port open for the final step of the handshake.

  Upon receiving the final ACK packet from the device, the server establishes that the TCP connection is established.

  
  

  Attackers understand this process and use SYN flood attacks to simulate TCP connections and flood a server with SYN packets. When the number of requests is larger than the number of available ports on the server, the server will crash and be unable to function.

  
  

• Internet Control Message Protocol (ICMP) flood attack: This is a type of DoS attack where ICMP packets are repeatedly sent to a network server, forcing the server to send an ICMP in response, which eventually uses all the bandwidth for incoming and outgoing traffic, causing the server to crash.

  
  

  The Internet control message protocol (ICMP) is an Internet protocol used by devices to tell each other about data transmission errors across a network.

  Learn more about ICMP here

• Ping of Death: This is a type of DoS attack caused when a hacker pings a system by sending it an oversized ICMP packet that is bigger than 64kb (the maximum size for a currently formed ICMP packet). This causes the server to crash.

Conclusion

You are now aware of how a denial of service attack works and the different types associated with it. How do you keep yourself and your data safe from these attacks. How do you go about navigating these vulnerabilities? Do you have answers or suggestions? Feel free to share your thoughts in the comment section.

GodSpeed