Also known as Denial of Service Attacks (DoS), these are considered a Hack by some or just basic vandalism by others.

Wikipedia describes a the attack as “is an attempt to make a computer resource unavailable to its intended users”. The process is designed to make an internet service or computer powerless to be serviceable by its user or users.

The method of attack may vary but the most common is just to flood a computer with a large number of requests through pinging the ip address. This then results in the server being powerless to respond to legitimate requests.

The Ping of Fatality is a large ICMP packet. The target receives the ping in fragments and starts reassembling the packet. But, due to the size of the packet once it is reassembled, it is too huge for the buffer and overflows it. This causes unpredictable results, such as reboots or system hangs.

Why would someone want to do this?

Reasons that a hacker might want to resort to DoS might include the following:

  • A trojan has been installed, but a reboot is required to activate it.
  • A hacker wishes to cover their tracks very dramatically, or cover CPU activity with a random crash to make the site reckon it was just a fluke.
  • The hacker is acting out of the need (or delusion) that the DoS serves a greater excellent, such as a DoS attack on Pro Life sites by Pro Choice believers.
  • The hacker isn’t a hacker at all, but a pissed off lamer who has a poor outlook and too much free time.

Reasons that a sysadmin might use DoS:

* A sysadmin may want to ensure that their site is not vulnerable by testing out the latest patch.
* A sysadmin has a runaway process on a server causing problems and cannot physically access the box (Simple Nomad has officially done this twice now).
* The sysadmin isn’t a sysadmin at all, but a pissed off lamer who has a poor outlook and too much free time.

Distributed DoS Attacks?

Distributed DoS attacks are an fascinating phenomena. The premise goes like this:

  • Attacker compromises 500 computers
  • Attacker installs unique software to listen for orders and send massive lots of packets
  • Attacker uses unique client software to send orders to 500 computers to direct them to flood a victim network

Tags: , , ,