Denial-of-Service Attacks

Implementing Detective and Preventive Measures 
749
DoS attack will transmit so many data packets to a server that it cannot process them all. 
Other forms of DoS attacks focus on the exploitation of a known fault or vulnerability in 
an operating system, service, or application. Exploiting the fault often results in a system 
crash or 100 percent CPU utilization. No matter what the actual attack consists of, any 
attack that renders its victim unable to perform normal activities is a DoS attack. DoS 
attacks can result in system crashes, system reboots, data corruption, blockage of services, 
and more. 
Another form of DoS attack is a
distributed denial-of-service (DDoS)
attack. A DDoS 
attack occurs when multiple systems attack a single system at the same time. For example, 
a group of attackers could launch coordinated attacks against a single system. More often 
today, though, an attacker will compromise several systems and use them as launching plat-
forms against the victims. Attackers commonly use botnets to launch DDoS attacks. 
DoS attacks are typically aimed at internet-facing system. In other words, 
if attackers can access a system via the internet, it is highly susceptible 
to a DoS attack. In contrast, DoS attacks are not common for internal sys-
tems that are not directly accessible via the internet. Similarly, many DDoS 
attacks target internet-facing systems.
A
distributed refl ective denial-of-service (DRDoS)
attack is a variant of a DoS. It uses 
a refl ected approach to an attack. In other words, it doesn’t attack the victim directly, but 
instead manipulates traffi c or a network service so that the attacks are refl ected back to 
the victim from other sources. Domain Name System (DNS) poisoning attacks (covered in 
Chapter 12) and smurf attacks (covered later in this chapter) are examples.

Download 19,3 Mb.

Do'stlaringiz bilan baham: