Book IV
Chapter 1
Network Security
Terminology
Identifying Types of Attacks
Denial of service
Another popular network attack is a denial of service (DoS) attack, which
can come in many forms and is designed to cause a system or network
device to be so busy that it cannot service a real request from a client,
essentially overloading the system or device and shutting it down.
For example, say you have an e-mail server and a hacker attacks the e-mail
server by flooding the server with e-mail messages, causing it to be so busy
that it cannot send any more e-mails. You have been denied the service that
the system was created for.
There are a number of different types of DoS attacks that have come out
over the years, including the following:
✦ Ping of death: The hacker continuously pings your system with
oversized packets causing your system to crash.
✦ SYN flood: The hacker performs a partial three-way handshake with
each port on the system. This uses up memory on your system and
eventually crashes the system. The hacker accomplishes this by sending
a SYN message to a number of different ports, but when your system
replies with an ACK/SYN, the hacker does not complete the process
with an ACK. As a result, your system holds that partial connection in
memory, waiting for the ACK. For more on the three-way handshake,
SYN, and ACK, see Book I, Chapter 4.
To protect against denial of service attacks, you need to have a firewall (a
piece of software or a hardware device that prevents someone from entering
your system or network) installed, and you should also keep your systems
and devices patched (apply any updates and security fixes).
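The half-open connections described under SYN flood can be counted from a packet summary log. The following is an added example, not code from the book; the record format, the addresses, the 5-second age limit, and the threshold of 3 are assumptions chosen for illustration. It counts per destination host rather than per source, because the source address of each SYN may be spoofed.

```python
from collections import defaultdict

# Constructed sample records: (seconds, source, destination, TCP flags).
# Addresses come from documentation ranges; this is not captured traffic.
SERVER = "192.0.2.10"
SAMPLE = [
    (0.0, "198.51.100.7:40001", SERVER + ":25", "SYN"),
    (0.1, SERVER + ":25", "198.51.100.7:40001", "ACK/SYN"),
    (0.2, "198.51.100.7:40001", SERVER + ":25", "ACK"),      # handshake completed
    (1.0, "203.0.113.5:1111", SERVER + ":21", "SYN"),
    (1.0, SERVER + ":21", "203.0.113.5:1111", "ACK/SYN"),    # never answered
    (1.1, "203.0.113.6:2222", SERVER + ":25", "SYN"),
    (1.1, SERVER + ":25", "203.0.113.6:2222", "ACK/SYN"),    # never answered
    (1.2, "203.0.113.7:3333", SERVER + ":80", "SYN"),
    (1.2, SERVER + ":80", "203.0.113.7:3333", "ACK/SYN"),    # never answered
    (9.0, "198.51.100.9:40002", SERVER + ":25", "SYN"),
    (9.0, SERVER + ":25", "198.51.100.9:40002", "ACK/SYN"),  # too recent to judge
]

def half_open(records, now, max_age=5.0):
    """Map each server host to the (client, server) pairs where the server
    replied with ACK/SYN but no final ACK arrived within max_age seconds."""
    syn_seen = set()   # (client, server) pairs that sent a SYN
    waiting = {}       # (client, server) -> time the server replied
    for t, src, dst, flags in records:
        if flags == "SYN":
            syn_seen.add((src, dst))
        elif flags == "ACK/SYN" and (dst, src) in syn_seen:
            waiting[(dst, src)] = t          # server now holds a partial connection
        elif flags in ("ACK", "RST"):
            waiting.pop((src, dst), None)    # completed or aborted by the client
            syn_seen.discard((src, dst))
    stuck = defaultdict(list)
    for (client, server), t in waiting.items():
        if now - t >= max_age:
            stuck[server.rsplit(":", 1)[0]].append((client, server))
    return dict(stuck)

def flood_suspects(records, now, threshold=3, max_age=5.0):
    """Hosts holding at least `threshold` stale half-open connections."""
    stale = half_open(records, now, max_age)
    return {host: len(c) for host, c in stale.items() if len(c) >= threshold}

if __name__ == "__main__":
    print(flood_suspects(SAMPLE, now=10.0))
```
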
Spoofing
Spoofing is a type of attack in which a hacker modifies the source address of
a frame or packet. There are three major types of spoofing:
✦ MAC spoofing: The hacker alters the source MAC address of the frame.
✦ IP spoofing: The hacker alters the source IP address in a packet.
✦ E-mail spoofing: The hacker alters the source e-mail address to make
the e-mail look like it came from someone other than the hacker.
An example of a spoof attack is the smurf attack, which is a combination of a
denial of service and spoofing. Here is how it works:
1. The hacker pings a large number of systems but modifies the source
address of the packet so that the ping request looks like it is coming
from a different system.