Wait a second!
More handpicked essays just for you.
More handpicked essays just for you.
Denial of Service Attack Case Study
Denial-of-Service (DoS) attacks are easy
Denial-of-Service (DoS) attacks are easy
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Recommended: Denial of Service Attack Case Study
Hackers have a multitude of tools and techniques to accomplish their goals, and as old tools and techniques become obsolete, new ones are created. Three questions regarding hacker tools and techniques are addressed here. What are the common tools used to conduct a denial of service attack (DoS)? What is a buffer overflow attack, and how does a SQL injection attack take place?
Tools for a DoS Attack
Unlike many other attack types used by hackers, DoS attacks do not seek to steal information, break into systems or escalate privileges. A DoS attack is used to deny services of a network resource, such as a web server. According to Vangie Beal, “This type of attack is essentially designed to bring a network to its knees by flooding it with useless traffic” (2010). Various tools can be used to perpetrate a DoS attack including Internet Control Message Protocol (ICMP) echo requests, R-U-Dead-Yet (RUDY), Dirt Jumper, and virus/worm programs which automate an attack.
A simplistic form of DoS is practiced by using the ping command with certain options set for the purpose of flooding an IP address with echo requests. According to Chuck Easttom (2012), the echo request is configured so that it is set to near its maximum packet size, response wait time is set to zero, and -t is added to continue pinging until explicitly instructed to stop (p.73). Sending echo requests this way will not inundate a network resource, but if many computers are all simultaneously sending this type of echo request to the same system, eventually the system will not have any resources left to reply to legitimate requests.
RUDY is a program that uses HTML POST requests, such as a login, to simulate multiple slow bandwidth requests, effectively creating a DoS atta...
... middle of paper ...
...ces
Beal, V. (2012). Denial of Service (DoS) Attacks. Retrieved December 28, 2013 from http://www.webopedia.com/DidYouKnow/Internet/2005/DoS_attack.asp
Easttom, C. (2012). Computer security fundamentals. Indianapolis. Pearson.
Hunt, T. (2013). Everything you wanted to know about SQL injection (but were afraid to ask). Retrieved December 28, 2013 from http://www.troyhunt.com/2013/07/everything-you-wanted-to-know-about-sql.html
Hybrid Security. (n.d.). R-U-Dead-Yet. Retrieved December 28, 2013 from http://code.google.com/p/r-u-dead-yet/
Imperva. (2012). Hacker Intelligence Initiative, Monthly Trend Report #12. Retrieved December 28, 2012 from https://www.imperva.com/docs/HII_Denial_of_Service_Attacks-Trends_Techniques_and_Technologies.pdf
Rouse, M. (2007). Buffer Overflow. Retrieved December 28, 2013 from http://searchsecurity.techtarget.com/definition/buffer-overflow
The use of hacking to identify weaknesses in computer security has become an increasingly controversial issue in recent years. Awareness of this issue is important, because our ever increasing reliance on technology means that breaches in computer security have the potential to have wide-ranging and devastating consequences to society, worldwide. This essay will begin by clearly defining the term ‘hacking’ and will examine the type of people who hack and for what reasons. There will then follow a discussion of the moral argument on hacking before examining a few brief examples. The essay will then conclude by arguing against the use of hacking as a means of identifying weaknesses in computer security.
and their use. In Committee on Deterring Cyber attacks: Informing Strategies and Developing Options (Ed.), Proceedings of a Workshop on Deterring Cyber attacks: Informing Strategies and Developing Options for U.S. Policy. Washington, D.C.: National Academies Press.
Disruption: Malicious actors may seek to exploit SLTT networked printers for other malicious purposes, such as disruption of other systems. Open source reporting suggests malicious actors previously developed a botnet of printers and other embedded devices to conduct distributed denial of service (DDoS) attacks over common network protocols.
”Attacks implemented by cyber terrorists via information systems to (1) significantly interfere with the political, social or economic functioning of a critically important group or organization of a nation, or (2) induce physical violence and/or create panic. We define hackers as individuals who (1) wish to access/modify data, files, and resources without having the necessary authorization to do so, and/or (2) wish to block services to authorized users. Cyber terrorists are individuals or groups who utilize computing and networking technologies to terrorize. In this paper, we study the behaviors of two groups of hackers: cyber terrorists and common hackers" (Hua & Bapna 2013).
The Aim Higher College’s system administrators and network engineers have described seeing some strange behaviors such as high levels of traffic from many hosts that are causing system outages. The web servers of the college have been shutting down frequently by this traffic, it must be from a hacker group trying to attack the school with malicious software. I will review the network traffic from the college’s intrusion detection system and use an intrusion prevention system to block off these threats from the hackers.
The 20 Enemies of the Internet. 1999. Radio Free Europe / Radio Liberty. Feb 20, 2001. <http://www.rferl.org/nca/special/enemies.html>.
TOR (Roger Dingledine) is a circuit based low-latency anonymous communication service. TOR is now in its second generation and was developed from the Onion routing program. The routing system can run on several operating systems and protect the anonymity of the user. The latest TOR version supports perfect forward secrecy, congestion control, directory servers, integrity checking and configurable exit policies. Tor is essentially a distributed overlay network which works on the application layer of the TCP protocol. It essentially anonymizes all TCP-based applications like web-browsing, SSH, instant messaging. Using TOR can protect against common form of Internet surveillance known as “traffic analysis” (Electronic Frontier Foundation). Knowing the source and destination of your internet traffic allows others to track your behavior and interests. An IP packet has a header and a dat...
Without proper protection, any part of any network can be susceptible to attacks or unauthorized activity. Routers, switches, and hosts can all be violated by professional hackers, company competitors. In fact, according to several studies, more than half of all network attacks are waged internally. To determine the best ways to protect against attacks, we should understand the many types of attacks that can be instigated and the damage that these attacks can cause to data. The most common types of attacks include Denial of Service (DoS), password, an...
There are numerous network security devices and tools available to aid in computer network defense, and these tools are often relied upon for protecting against increasingly sophisticated, stealthy, and damaging attacks. When acting alone, the current generation of security devices has an exceedingly difficult time providing an effective defense against such threats, and the situation is particularly grim for targeted or novel attacks.
attempt to force a network offline and unavailable to its intended users. This process is typically performed by flooding a network with communication requests until the server cannot respond to the traffic, thus making the server go offline and become available. This process is relatively simple to perform to the average person through online programs. Since it is so easy perform, it has become a rising issue simply because anyone has the ability to hack into various servers. One example in recent news of DDoS attacks comes from Riot Games, developer of the popular online multiplayer video game League of Legends. After a month of inconsistency with their server stability and frequent shut downs, Riot Games reported that within the l...
DOS (Disk Operating System) . (n.d.). In DOS History. Retrieved January 14, 2012, from http://www.fortunecity.com/marina/reach/435/dos.htm
...ng it, crashing it, jamming it, or flooding it. Denial of service is impossible to prevent because of the distributed nature of the network: every network node is connected via other networks, which in turn connect to other networks. A firewall administrator or ISP has control of only a few of the local elements within reach. An attacker can always disrupt a connection "upstream" from where the victim controls it. In other words, someone who wants to take a network off the air can either take the network off the air directly or take the network it connects to off the air, or the network that connects to that network off the air, ad infinitum. Hackers can deny service in many ways, ranging from the complex to the brute-force.
Internet Security covers a broad list of topics. I have chosen to cover hackers and their history. I will go through who hackers are and how we define hackers. I will also cover the history of how hackers got started. This was a very interesting topic and may surprise a lot of people who have had misconceptions of what hackers do due to how the are covered by the media.
The issue with tackling the ethical hacker scenario is that the event is almost entirely action based. There is no end to give meaning to the action and there is no finalized result or indication that it impacted happiness, which many ethical theories depend on. Namely consequentialism, utilitarianism and ethical egotism require an end result in one form or another. There is also no purpose in committing the hackings which makes applying moral theories that deal with motivation and intent, ethical egotism and aspects of virtue ethics, increasingly more difficult to do effectively. Therefore moral theories that apply almost exclusively to the action itself will be utilized in this argument.
The internet offers high speed connectivity between countries, which allows criminals to commit cybercrimes from anywhere in the world. Due to the demand for the internet to be fast, networks are designed for maximum speed, rather than to be secure or track users (“Interpol” par. 1). This lack of security enables hacker...