Distributed denial of service attack

Among various internet attacks, Denial of Service (DoS) attack is a critical and continuous threat in cyber security. In general DoS attacks are implemented forcing a victim computer to reset or consuming its resources, e.g CPU cycles, memory or network bandwidth.

Internet denial-of-service attacks launched simultaneously from multiple locations are called distributed denial of service (DDoS) attacks, their goal is to deny access to other users, which is a popular attack method in the cyberspace.

The aim of DDoS attack is to overload the victim and render it incapable of performing normal communications or transactions.

In January 2001, web servers hosting MSN, Hotmail, Expedia and other popular Microsoft services were subjected to an DDoS attack for almost 24 hours. In July 2001, EFNet.org, a worldwide provider of Internet Relay Chat services was subjected to a sustained DDoS attack lasting almost ten days.

Distributed denial of service attacks often use zombies on computers that have been backdoored by worms or Trojans – without the consent or knowledge of their users.

In a distributed denial of service attack, the attacker remotely takes control of a ‘master’ server where the DoS code has been installed. The master server then controls the actions of ‘slave servers’ on which the code has also been installed with or without the knowledge of the owner. When instructed, these slaves flood target with traffic.
Distributed denial of service attack 

What is wabbits?

Wabbits is another type of self-replicating malware. Unlike viruses, wabbits do not infect host programs or documents. Wabbit is one of four main classes of malware. Others are virus, worm and Trojan horse.

Unlike worms, wabbits do not use network functionality in order to spread to other computers.

The concept may have descended from a program called RABBITS reported from 1969 on a Burroughs 55000 at the University of Washington Computer Center.

Wabbits can be programmed to have (sometimes malicious) side effects in addition to the direct consequences of their quick self-replication.

An example of a simple wabbit is a fork bomb. The fork bomb is a form of denial-of-service attack against a computer system that uses the fork function.  Fork bomb works quickly creating a large number of processes to saturated the available processing space in the computer’s operating system.

Running processes can be ‘forked’ to create other running processes and so on. The program would allegedly make two copies of itself every time it was run eventually crashing the system.

It relies on the assumption that the number of programs and processes that may be simultaneously executed on a computer has a limit.
What is wabbits?

What is the smurf attack?

In 1997, new generation of attacks was launched on the internet: the smurf attack. This is a network-level DoS attack named after its exploit program. The attacks can create havoc in a network.

In smurf attack, a hacker is able to flood the ISP with so many ‘garbage; packets that all the ISP’s available bandwidth is used up and its customers can’t send or receive data by using email, browsing the web and any other internet service.

It is a method of denying service on an IP connection. While a smurf attack can be used to completely disable a connection, it can also be used far more surreptitiously to just reduce bandwidth.

The technology used in the attacks is ICMP; the Internet Controls Message Protocol. The protocol’s main function is to return error messages to the source host when datagrams encounter problems in transit.

There are three players in a smurf attack: the attacker, the relay agents and the target.

A perpetrator sends a large amount of ICMOP echo traffic to specific IP broadcast addresses. These packets are forwarded to the hardware broadcast address of the LAN by the router that connects the LAN to the rest of the world.

It is very easy for an attacker to direct many megabits of traffic per second at an unsuspecting web server.
What is the smurf attack?

Denial of Service

The first distributed denial of service (DDoS) attacks occurred ,more than 11 years ago, in the summer of 1999. These were relatively small attack networks by today’s standards, ranging from several hundred to more than two thousand computer.

University security experts were the first to discover the threat of denial of service attacks hiding in the university computer systems. For example, David Dittrich of the University of Washington discovered denial of service program files stored on the university servers’ months before the first widely publicized attacks on E-ecommerce web sites.

A denial of service attack threatening to prevent the user having access to the service. They attempts to flood a computer network. Thereby preventing legitimate network traffic.

Hackers later used such unsecured university systems as “zombie” machines to help launch massive distributed denial of service (DDoS) against Yahoo!, eBay, Amazon, and other popular web sits.

The attack, which would typically come from several compromised machine at once, would consumed network bandwidth and use up processing unit cycles on the target machine.

The concern would be what is called distributed denial of service attack where take a lot of compromised end systems and flood a server with the intent of making many request or delivering so much traffic to it that it falls off the network.
Denial of Service