Denial of Services Attacks

(DOS)
Rabbani Roslan
Definition
• to make a system or server unavailable for legitimate users and,
finally, to take the service down.
• by flooding the server’s request queue with fake requests
• server will not be able to handle the requests of original users

• 2 forms of the DOS attack

1. crash a server
2. floods a service
Types of Attacks
• Ping flood attack
• SYN flood attack
• Smurf attacks
Ping flood attack

• Its abuses the ping protocol by sending request messages with

oversized payloads, causing targeted systems to become
overwhelmed, to stop responding to legitimate requests for service .
• Then, can cause victim system’s crashed.
SYN flood attack
• abuses TCP's handshake protocol by which a client establishes a TCP
connection with a server
• attacker directs a high-volume stream of requests to open TCP
connections with the victim server with no intention of actually
completing the circuits
Smurf attacks
• similar to ping floods, as both are carried out by sending a slew of
ICMP Echo (ping) request packets.
• Unlike the regular ping flood, however, Smurf is an amplification
attack vector that boosts its damage potential by exploiting
characteristics of broadcast networks.
How it works?
Before attack

Communication as usual by
Client requesting and receiving Server

DOS Fake request

After attack attack

? Cannot request Server shut

No respond Server down. DOS
Client request repeat again
and again
DOS attacking tools

• LOIC (Low Orbit Ion Canon)

DEMO DOS
How to prevent
1. Get help recognizing attacks
- use technology or anti-DDoS services to help defend themselves

2. Configure firewalls and routers

- Remember to keep your routers and firewalls updated with the latest
security patches.

3. Investigate black hole routing

-Internet service providers can use “black hole routing.” It directs excessive
traffic into a null route, sometimes referred to as a black hole.