Denial of service attacks + Peer to Peer attacks

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi everyone, just reading up on the different Denial of service attacks. It has interested me and obviously I am interested in learning how to prevent this and not how to achieve it. But how can you stop a dos attack and what does it do?

I read that it stops you from accessing a service but could anyone give an example

Also I have seen on my router interface an option for blocking dos attacks or something like that, why would it be on the router and not the o/s?

Sorry for asking a lot of questions but if anyone has the time to answer I would appreciate it!

Thanks,
Dave

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Generally a DoS attack would be aimed at a port or website offering services, so for instance you could attack a website on port 80, or another service on the port it operates on, by flooding that machine with thousands of requests it slows down and dies, thereby denying the service that it's supposed to be offering.

With regards to the router, as that's the first point of contact for any external communication into your lan environment it makes sense that this would be the first device that handles DoS attacks. Again usually rather than blocking the entire line it would be transmitting traffic on a particular port, in the case of a router it would simply drop the packets if it received too many for it to handle.

 

ok mate, so when you say attack it could be say two thousand machines all pinging port 80 on a particular website at any one instance which would cause the webiste to shutdown. Is there a reason why it cant handle that many requests?

Oh thats makes sense with the router, cant the code for the router be written so it has a buffer overflow so that if it has many floods from different machines it doesnt overflow? I'm not challenging what you know its just so I understand it more, I'm not sure if that makes sense but its just off the top of my head. Thanks for the help mate!

 

Its normally not just 2000 machines, if you have 10's of thousands of machines and each is sending hundreds of requests a second you get the idea that a machine just simply can't cope with the amount of incoming requests. Quite simply the protocol stack falls over with too many requests and you result in a DoS.

 

That is just one type of DOS (Distributed) but there are many different forms either using a loop hole/bug/security vulnerability in a OS/hardware etc to stop/degrade a service.
You can cause a DOS with one computer does not need to be 1000s of computers.