Comments

Good evening people. Here's some information about Denial-of-Service attack. I hope you'll enjoy reading it.

Denial-of-Service is the complement to system/network penetration and encompasses a variety of techniques designed to deny users or clients access to specific systems and network resources.

The types of resources targeted in denial-of-service attacks include the following:
• CPU utilization
• Disk space and I/O
• Memory utilization
• Network bandwidth

Techniques for denial-of-service are harder to identify than for system/ network penetration because they tend to be application or environment specific. Some common techniques for denial-of-service include the following:

Application or protocol exploits. These may appropriate specific application or protocol features to effect a denial-of-service; an example might be the appropriation of a protocol authentication or cache mechanism to effect denial-of-service.

Buffer overflows. Denial-of-service buffer overflows generally attempt to exhaust system resources or exploit an application vulnerability in executing code to crash an operating system or application component.

Malformed packet data. Malformed packet data may be forwarded to a target system with a vulnerable TCP/IP stack implementation or application service as a means of crashing a system or system/network resource.

Packet flooding. Packet flooding attempts to exhaust network bandwidth or system bandwidth as a means of denying access to targeted resources.

The objective of most denial-of-service attacks is to effect excessive resource consumption or to crash a resource (such as a process, service, or network listener) as a means of denying access to the resource. A new and emerging type of denial-of-service is the distributed denial-ofservice (DDoS) attack, which leverages significant numbers of Internet or networked systems, in an organized manner, to affect a multisystem denial-of-service against a system or network. Many organized DDoS exploits leverage application or other system vulnerabilities to gain system access to a set of vulnerable "slave" systems, which are managed from multiple masters; a covert communications channel is often established between the master and slave and is used to issue instructions to the slave systems. At the attacker's designation, a DDoS attack is launched against the target network using packet flooding or malformed packets to launch the attack.