Denial of Service Attacks (DoSs) - Essay Example

Extract of sample "Denial of Service Attacks (DoSs)"

Denial of Service Attacks (DoSs)

Three Common Web Server Security Attacks

Buffer overflows

One of the most well-known web server security attacks is the buffer overflow. A buffer overflow takes place when a software application attempts to store more data in a static buffer than the buffer has the capacity to hold. The extra data then corrupts and overwrites the available memory. As a result, it allows an attacker to carry out arbitrary actions on the web server or to destroy the system completely. It is commonly seen that the majority of web applications fail to effectively prevent actions inserted or performed by arbitrary code, actions which can only be performed with the administrator rights of the operating system. For instance, an attacker can insert an executable instruction like that , inside a legitimate web site form under the guise of an HTTP (hypertext transfer protocol) request, in an attempt to get access to that particular web server. If the attacker succeeds in deceiving the security configuration, he or she can get access to the /etc/passwd file, to all other files and, in the end, to the usernames and passwords stored on the web server (Kennedy, 2005).

In order to mitigate these security attacks, organizations can take the following initiatives:

  • First of all, an organization needs to recognize buffer overflows by putting huge values into header, form input and cookie fields.
  • They must implement effective techniques to stop unauthorized users from inserting unauthenticated code.
  • They must validate the input field length.

Cross-site Scripting (XSS)

In this kind of attack, a web application serves as a vehicle for launching an attack on an end user's browser, making use of the web browsers of other users who visit the page.
In this scenario, an attacker develops and launches a web site that takes advantage of a cross-site scripting defect. An ordinary user can reach the attacker's web site, for example by clicking on a link in an e-mail received from a friend, and the attacker's malicious program or fake web site can then be opened on the user's computer. If the attack succeeds, the attacker can get access to the end user's session token, spoof content to fool the user, or attack the local machine (Kennedy, 2005).

In order to mitigate these security attacks, organizations can take the following initiatives (Kennedy, 2005):

  • An organization must adopt strict measures to scan all possible inputs so that end-user data cannot be interpreted as scripted content.
  • A variety of data integrity checks should be carried out on data before they are distributed, to make sure the data are sensible.
  • If possible, limit all end-user input to alphanumeric content.

Denial of Service Attacks

A DoS (denial of service) attack can be defined as an event that prevents un-authorized access to resources or interrupts operations that are time-critical. Additionally, a DoS attack is sometimes called a distributed denial-of-service attack (DDoS attack). This sort of attack may target users in an attempt to stop them from creating connections on the network; these connections may include outgoing transmissions. In addition, a DoS attack may target a whole corporation. In this scenario, it can stop incoming traffic or prevent outgoing traffic towards network-related applications. In this way the attack tries to stop the victim from using network links. Moreover, a denial of service attack is more straightforward to accomplish than gaining administrative access to a specific system from a distant location.
That is why DoS attacks have gained popularity on the Internet (Chan et al., 2010; Tech-FAQ, 2011). DoS attacks can easily halt a computer or a network connection. Depending on the nature of the enterprise, an attack may effectively disable the corporate network, resulting in overall network failure. Some DoS attacks can be executed with limited resources against a large, sophisticated environment. For example, an attacker with an old personal computer and a slow modem (internal or external) may be capable of halting personal computers, hardware and sophisticated networks in a short time. We therefore categorize this sort of attack as an asymmetric attack.

Moreover, the standard technique adopted for the attack depends entirely on the attacker. For instance, a skilled attacker will create more problems for the firm. One of the major techniques an attacker can use involves e-mail messages, known as spam. Such an attack can be launched on our electronic mail account. It does not matter whether the e-mail account is provided by our company or comes from a free service such as Hotmail, Gmail or Yahoo. Another important factor is that services like Hotmail, Gmail or Yahoo provide limited storage (a specific quota), which restricts the quantity of information that we can store in our account according to organizational rules and regulations. Hence the storage space may differ at any given time.
In addition, this storage space will be consumed in a short amount of time when a lot of large e-mail messages are sent to the account. In this way an attacker can consume our storage space (specific quota), which prevents us from receiving valid or useful mail (TechTarget, 2007; Carnegie Mellon University, 2001; McDowell, 2009).

In order to mitigate these security attacks, organizations can take the following initiatives (Kennedy, 2005):

  • Ensure that an application works correctly when provided with huge volumes of data, queries, requests or traffic.
  • Apply a variety of mechanisms to block frequent requests from a single URL.
  • Prevent application overload by carrying out content filtering with the firewall.
  • Route traffic through an intrusion prevention system (IPS) and intrusion detection system (IDS) to actively detect and block DoS attacks.
  • Record and monitor request traffic.
  • Constantly search for patterns of error messages or anomalies.

Fundamentals

As discussed earlier, a DoS (denial of service) attack is a type of attack in which an intruder tries to leave a system without users or to stop approved users from accessing an individual PC, a sophisticated network or a web site. Moreover, an intruder typically targets the victim's bandwidth in order to perform this attack (Masram, 2011). Illegal usage of internal resources is another approach that may result in DoS attacks. Thus it cannot always be said that a machine has been attacked remotely; it can be attacked from inside the network, or by a disgruntled or unprofessional employee (Masram, 2011). Moreover, a DoS attack compromises system security in many ways: it can halt, slow, or restart a system. In the worst case, it affects our PC or network through destruction of network resources and failure of information and supporting hardware components.
The basic intention is to show power against a government or to cause loss to an opponent (Masram, 2011).

Prevention techniques

Many methodologies and standard approaches are on the market and have been adopted by numerous corporations in order to defend their systems and resources against DoS (denial of service) attacks. In this scenario, targeted systems or machines frequently use changing source Internet Protocol addresses, which makes them a problem for an attacker to recognize and block. We can adopt various approaches to eliminate the chances of DoS attacks (Trinity Security Services, 2003).

Screening of Routers

Screening routers is a common methodology nowadays for handling networks, and a usual configuration that protects our systems from the threat of DoS attacks. The routers that connect us to the Internet may be configured in such a way that they screen packets before they enter the organizational or corporate network (Trinity Security Services, 2003).

Intrusion detection system

Another standard technique that protects us from DoS attacks is the intrusion detection system (IDS). In this technique, the detection system may baseline the configuration using details of the common traffic flow and then pick out anomalies against this baseline (Trinity Security Services, 2003).

Implications

From the above discussion we can determine the effects and working environment of a DoS attack. However, there are several implications related to DoS attacks. When attacking the target set by the intruder, many computer hosts connected to the Internet are involved. These hosts have been compromised via Trojan horses or viruses that allow the perpetrator to control the machines and direct the attack remotely, so the attack can be carried out through a dosnet/botnet. With sufficient slave hosts, this can result in denial of service even for well-connected web sites (Computer Hope, 2011).
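The monitoring steps listed earlier (block frequent requests from a single source, record and watch request traffic) and the IDS baseline described under Prevention techniques can be combined in one check. The Python code below is an added example, not part of the original essay; the function names, thresholds and traffic are constructed for illustration. It shows that a per-source limit catches a single flooding host but misses botnet-style traffic, which only the comparison against a baseline of total volume reveals.

```python
from collections import Counter, defaultdict, deque
from statistics import mean, stdev

def single_source_floods(events, window=10, limit=20):
    """Map each source that sent more than `limit` requests within
    `window` seconds to the timestamp at which it crossed the limit."""
    recent, flagged = defaultdict(deque), {}
    for ts, ip in sorted(events):
        q = recent[ip]
        q.append(ts)
        while q[0] <= ts - window:      # drop requests older than the window
            q.popleft()
        if len(q) > limit:
            flagged.setdefault(ip, ts)
    return flagged

def volume_anomalies(events, baseline_counts, bucket=10, k=3.0):
    """Return start times of buckets whose total request count exceeds
    mean + k * stdev of the per-bucket counts seen during normal operation."""
    threshold = mean(baseline_counts) + k * stdev(baseline_counts)
    totals = Counter(ts // bucket * bucket for ts, _ in events)
    return sorted(start for start, n in totals.items() if n > threshold)

def constructed_traffic():
    """Constructed sample: (second, source) pairs using documentation IP ranges."""
    events = []
    for start in (0, 10, 20, 30):       # ordinary load: 50 requests per 10 s
        events += [(start + i % 10, f"192.0.2.{i % 25 + 1}") for i in range(50)]
    # One host sending 30 requests in 10 s (single-source flood).
    events += [(10 + i % 10, "198.51.100.7") for i in range(30)]
    # 100 hosts sending 3 requests each: no host stands out, the total does.
    events += [(30 + (j + r) % 10, f"203.0.113.{j + 1}")
               for j in range(100) for r in range(3)]
    return events

BASELINE = [48, 52, 50, 47, 53, 51, 49, 50]   # constructed per-bucket counts

if __name__ == "__main__":
    traffic = constructed_traffic()
    print("per-source floods:", single_source_floods(traffic))
    print("abnormal buckets :", volume_anomalies(traffic, BASELINE))
```

In practice the baseline would be taken from recorded request logs for the same hour and weekday, so that ordinary peaks are not reported as attacks.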
Too much web traffic may thus considerably slow down or prevent access to a web site. This is because a server can only manage so many file requests; the excess may be an intended attack on the site or may otherwise be due to over-popularity (Computer Hope, 2011; Trinity Security Services, 2003).

Multiple levels of failures

Command failure or file name

This failure usually takes place due to a misspelling or mistake when we type a command, or because the command is not a legitimate command for Windows or MS-DOS (Computer Hope, 2011).

Overflow partitioning

It happens when an application attempts to divide by zero. This fault frequently occurs due to a mistake in the program during execution (Computer Hope, 2011).

Observations and conclusion

Denial of service attacks are expected to become more complex and more common with changing trends and innovations. Service providers such as Internet Service Providers are doing their best to protect their clients against such threats, since it depends upon a company to provide sufficient protection. In addition, individuals and organizations must take DoS attack risk seriously and recognize this critical factor as a challenging matter. Once this sort of attack occurs, organizations must understand that it brings considerable expenses along with brand name damage that might result in destruction. Consequently, organizations must commit to removing DoS attacks.

References

Carnegie Mellon University. (2001). Denial of Service Attacks. Retrieved October 05, 2013, from http://www.cert.org/tech_tips/denial_of_service.html

Chan, N., Lockwood, R., Freeman, S., Farmah, P., Chousiadis, C., Hamid, F., et al. (2010). Denial of Service. Retrieved October 05, 2013, from http://islab.oregonstate.edu/koc/ece478/project/dos1.pdf

Computer Hope. (2011). MS-DOS and Windows command line errors. Retrieved October 02, 2013, from http://www.computerhope.com/doserror.htm

Kennedy, S. (2005). Common Web Application Vulnerabilities. Retrieved October 10, 2013, from http://www.isaca.org/Journal/Past-Issues/2005/Volume-4/Pages/Common-Web-Application-Vulnerabilities1.aspx

Masram, N. (2011). Denial Of Service (DoS) Attacks | The Basics. Retrieved October 05, 2013, from http://nrupentheking.blogspot.com/2011/02/denial-of-service-dos-attacks-basics.html

McDowell, M. (2009). National Cyber Alert System. Retrieved October 06, 2013, from http://www.us-cert.gov/cas/tips/ST04-015.html

Tech-FAQ. (2011). Denial of Service (DoS) Attacks. Retrieved October 05, 2013, from http://www.tech-faq.com/denial-of-service-dos-attacks.html

TechTarget. (2007). denial of service (DoS). Retrieved October 06, 2013, from http://searchsoftwarequality.techtarget.com/definition/denial-of-service

Trinity Security Services. (2003). The Distributed Denial Of Service Attack. Retrieved October 06, 2013, from http://archive.networknewz.com/networknewz-10-20030924TheDistributedDenialofServiceAttack.html
Denial of Service Attacks (DoSs) Essay Example | Topics and Well Written Essays - 1750 words. Retrieved from https://studentshare.org/information-technology/1487462-web-server-application-attacks