
Denial of service attacks + Peer to Peer attacks

Discussion in 'Training & Development' started by beaumontdvd, Apr 13, 2010.

  1. beaumontdvd

    beaumontdvd Kilobyte Poster

    Hi everyone, just reading up on the different denial of service attacks. It has interested me, and obviously I am interested in learning how to prevent this and not how to achieve it. But how can you stop a DoS attack and what does it do?

    I read that it stops you from accessing a service, but could anyone give an example?

    Also, I have seen on my router interface an option for blocking DoS attacks or something like that. Why would it be on the router and not the o/s?

    Sorry for asking a lot of questions but if anyone has the time to answer I would appreciate it!

    Thanks,
    Dave
     
    Certifications: 070-271, 070-272, (MCDST)Level 1,2,3 NVQ
    WIP: 070-270, A+, N+, S+,MCDST 7 Upgrade
  2. SimonD

    SimonD Terabyte Poster Moderator

    Generally a DoS attack would be aimed at a port or website offering services, so for instance you could attack a website on port 80, or another service on the port it operates on. By flooding that machine with thousands of requests, it slows down and dies, thereby denying the service that it's supposed to be offering.

    With regards to the router, as that's the first point of contact for any external communication into your LAN environment, it makes sense that this would be the first device that handles DoS attacks. Again, usually rather than blocking the entire line it would be transmitting traffic on a particular port; in the case of a router it would simply drop the packets if it received too many for it to handle.
     
    Certifications: CNA | CNE | CCNA | MCP | MCP+I | MCSE NT4 | MCSA 2003 | Security+ | MCSA:S 2003 | MCSE:S 2003 | MCTS:SCCM 2007 | MCTS:Win 7 | MCITP:EDA7 | MCITP:SA | MCITP:EA | MCTS:Hyper-V | VCP 4 | ITIL v3 Foundation | VCP 5 DCV | VCP 5 Cloud | VCP6 NV | VCP6 DCV | VCAP 5.5 DCA
    WIP: VCP6-CMA, VCAP-DCD and Linux + (and possibly VCIX-NV).
  3. beaumontdvd

    beaumontdvd Kilobyte Poster

    OK mate, so when you say attack it could be, say, two thousand machines all pinging port 80 on a particular website at any one instance, which would cause the website to shut down. Is there a reason why it can't handle that many requests?

    Oh, that makes sense with the router. Can't the code for the router be written so it has a buffer overflow so that if it has many floods from different machines it doesn't overflow? I'm not challenging what you know, it's just so I understand it more. I'm not sure if that makes sense but it's just off the top of my head. Thanks for the help mate!
     
    Certifications: 070-271, 070-272, (MCDST)Level 1,2,3 NVQ
    WIP: 070-270, A+, N+, S+,MCDST 7 Upgrade
  4. SimonD

    SimonD Terabyte Poster Moderator

    It's normally not just 2000 machines; if you have tens of thousands of machines and each is sending hundreds of requests a second, you get the idea that a machine just simply can't cope with the amount of incoming requests. Quite simply, the protocol stack falls over with too many requests and you result in a DoS.
     
    Certifications: CNA | CNE | CCNA | MCP | MCP+I | MCSE NT4 | MCSA 2003 | Security+ | MCSA:S 2003 | MCSE:S 2003 | MCTS:SCCM 2007 | MCTS:Win 7 | MCITP:EDA7 | MCITP:SA | MCITP:EA | MCTS:Hyper-V | VCP 4 | ITIL v3 Foundation | VCP 5 DCV | VCP 5 Cloud | VCP6 NV | VCP6 DCV | VCAP 5.5 DCA
    WIP: VCP6-CMA, VCAP-DCD and Linux + (and possibly VCIX-NV).
  5. SuPaStA

    SuPaStA Nibble Poster

    That is just one type of DoS (Distributed), but there are many different forms, either using a loophole/bug/security vulnerability in an OS/hardware etc. to stop/degrade a service.
    You can cause a DoS with one computer; it does not need to be 1000s of computers.
     
    Certifications: CCNA,MCSE,ITIL,Server+,Security+,N+...
    WIP: CCNP
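
The router behaviour discussed in this thread (dropping packets once too many arrive) can be sketched as a token-bucket rate limiter. This is an added example, not part of the original thread or any router's actual code; the limits (10 requests/s per source, 100 requests/s in total) and the traffic are constructed assumptions. It contrasts a flood from one host with the same volume spread over many hosts.

```python
from collections import Counter

class TokenBucket:
    """Integer token bucket: time in ms, tokens in 1/1000ths so results are exact."""
    def __init__(self, rate_per_s, burst):
        self.rate, self.cap = rate_per_s, burst * 1000
        self.tokens, self.last = self.cap, 0

    def allow(self, now_ms):
        # Refill for the elapsed time, capped at the burst size.
        self.tokens = min(self.cap, self.tokens + (now_ms - self.last) * self.rate)
        self.last = now_ms
        if self.tokens < 1000:
            return False          # bucket empty: drop this packet
        self.tokens -= 1000
        return True

class FloodFilter:
    """Per-source limit plus a shared limit (assumed values, see lead-in)."""
    def __init__(self, src_rate=10, src_burst=10, total_rate=100, total_burst=100):
        self.src_args = (src_rate, src_burst)
        self.per_src = {}
        self.total = TokenBucket(total_rate, total_burst)

    def verdict(self, src, now_ms):
        if src not in self.per_src:
            self.per_src[src] = TokenBucket(*self.src_args)
        if not self.per_src[src].allow(now_ms):
            return "drop:per-source"   # one noisy host exceeded its own budget
        if not self.total.allow(now_ms):
            return "drop:total"        # aggregate load exceeded the shared budget
        return "accept"

def run(packets):
    """packets: list of (time_ms, src). Returns {src: Counter of verdicts}."""
    filt, stats = FloodFilter(), {}
    for now_ms, src in sorted(packets):
        stats.setdefault(src, Counter())[filt.verdict(src, now_ms)] += 1
    return stats

def totals(stats):
    return sum(stats.values(), Counter())

# Constructed traffic (RFC 5737 documentation addresses), one second each.
CLIENT = [(t, "192.0.2.10") for t in range(0, 1000, 200)]        # 5 req/s
ONE_HOST = [(t, "198.51.100.7") for t in range(1000)]            # 1000 req/s
MANY_HOSTS = [(t, f"203.0.113.{t % 200}") for t in range(1000)]  # 200 hosts x 5 req/s

if __name__ == "__main__":
    print(run(CLIENT + ONE_HOST))     # flooder throttled, normal client untouched
    print(totals(run(MANY_HOSTS)))    # only the shared limit fires
```

In the distributed case no single host exceeds its own limit, so only the shared limit sheds load, and it cannot tell wanted requests from unwanted ones.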
