A denial-of-service or DoS attack prevents someone from using a computer service. DoS attacks have a huge attack surface, and the attacker can carry out this attack in the following two ways:
Deny a service using a programming flaw.
Deny a service using resource exhaustion.
The motivation behind carrying out a denial-of-service attack might include competitive advantage, extortion, entertainment, or manipulation, etc. A few common DoS attacks are:
The attacker can use the structure of DNS lookups to increase the load induced on the resource. The attacker causes a large amount of traffic by making random requests to the DNS resolvers so that the amplified responses are sent to the target by the resolvers.
General defenses against DNS amplification attacks include reducing the total number of DNS resolvers and verifying the source IP addresses.
The attacker can carry out a DoS attack on Internet access by sending many network packets to overwhelm the rate at which the router processes the packets.
The most common defense against a network DoS attack includes installing a
The attacker targets the memory rather than the network capacity in this attack. Using the TCP’s 3-way connection, the attacker sends a unique SYN in large numbers, causing the memory to be exhausted. When an actual user tries to open a new connection, TCP will deny the connection.
The most effective defense against the SYN Flood attack is using SYN cookies.
The attacker might manipulate the code to use up all of the disk space, such as creating unlimited processes or files to damage the disk.
General defenses against this attack include isolating the users of the operating system and imposing quotas.
The attacker might supply an input that crashes the system or fools a system into shutting down by leveraging a programming flow.
General defenses include careful coding practices and proper authentication.
Free Resources