Denial of service (dos) attacks - Essay Example

In other words DOS attack is described, as an attack in which the memory clogged up so much that a target will unable serve its legitimate users. Or data packets are sent to the target system so much so that it cannot handle it and thus making it to either crash, reboot or more commonly deny services to legitimate users. "A denial of service attack involves preventing you from accessing data or service by confusing or overloading the computers or networking equipment" (Cyganski and Orr, 2002, p. 279). This vulnerability is commonly used to hang remote systems and sometimes force them to reboot which ultimately results in denial of service, means denying the valid services by Networks to the legitimate and authenticated users.

This attack no longer works as most of the system administrators upgraded their systems making them safe from such type of serious attacks. The trick in this attack is to ping a target system with excess data packets that exceeds the maximum bytes allowed by TCP/IP protocols suite. The memory of the target system would be clogged up and forces it to hang, reboot or crash. Since the data gram is so huge that it would be difficult for the target system to handle. The data sent over the Internet is broken down into small fragments at the source and reassembled at the destination system.

Teardrop attack uses the vulnerability present in the reassembling of data packets at the destination system. . Teardrop The data sent over the Internet is broken down into small fragments at the source and reassembled at the destination system. Teardrop attack uses the vulnerability present in the reassembling of data packets at the destination system. Lets see how teardrop attack works. Suppose 4000 bytes of data have to be sent over Internet from one system to the other, this data is not sent to the destination system at one go.

This data is fragmented into small parts and divided into a number of packets. Each data packet has a specified range. For example, 4000 bytes are divided three data packets. The first data packet will be from 1 byte to 1500 bytes; second from 1501 bytes to 3000 bytes and third and final data packet will carry from 3001 bytes to 4000 bytes. These data packets will be having an OFFSET field in their TCP header part. The offset field specifies the range of data that is being carried or specifies to which data packet the bytes are to be sent.

A sequence of numbers is sent along with the packets so that the destination system could easily able to reassemble. In this attack data packets with overlapping offset field values are sent to the target system in a series. This makes it difficult for the target system to reassemble the data correctly and forces it to crash, hang or reboot. The following scenario explains the teardrop attack clearly. A system receives data in the following manner: (1 to 1500 bytes) (1501 to 3000 bytes) (3001 to 4000 bytes)In teardrop attack the data is sent in the following manner:(1 to 1500 bytes) (1500 to 3000 bytes) (1001 to 3600 bytes)When this type of overlapping data is received by the target system, it simply cannot