Critical operations by preventing a machine, a server or an entire network from responding to a user’s request. Hackers create these delays through resource exhaustion, where they take up or exhaust all available bandwidth, disk space or memory capacity. They find ways to trick a machine into either crashing or performing so poorly that it’s impossible to work as intended. Denial-of-service attacks are intentional and malicious.
How do they work? In the early days of network computing, it was quite easy for a single person to wreak havoc on users and websites. Once upon a time, it was possible for a single hacker to exploit TCP/IP protocols. The hacker simply flooded a server with multiple ping requests until it was overwhelmed and couldn’t respond, which effectively shut down the server. Early hackers invented ways to exploit weaknesses in TCP/IP ICMP packet implementations because they knew that early operating systems couldn’t handle these errors. Simply sending the server something other than what it was expecting was enough to shut it down. At one point, even sending packets larger than what the ICMP specification called for was enough to crash a machine.
Another early trick involved exploiting the TCP/IP three-way handshake. Here’s how the handshake works. The client sends a SYN packet to the server, indicating its intention to synchronize, or start a conversation. The server returns a SYN-ACK packet acknowledging the SYN request. The client then sends an ACK packet acknowledging the SYN-ACK and waits for further communications. Hackers exploited this known process by not communicating after the final ACK, which left the server hanging. The server is effectively left saying: “Hello, I’m waiting and waiting and waiting...” The hacker starts multiple conversations and always leaves the server waiting after the final ACK packet. These fill the server’s incoming queue and its limited number of open requests. The hacker has effectively backed up the server and denied service to all legitimate requests.

Aside from attacking TCP/IP vulnerabilities, hackers are also adept at attacking poorly constructed websites. For instance, unprotected search mechanisms provide a popular point of access into a website. Let’s look at a typical online store web application. Say you need to buy a heat lamp for your iguana, Padfoot.
You enter the term “heat lamp” into the search box on Bob’s Exotic Animals website. Your search request passes from your computer to the web server, but Bob’s inventory isn’t on the server; it’s in his database, so the web server passes your search term to Bob’s database in a query. His database compiles a list of all matching product records and passes it back to the web server, which organizes and formats those records before sending them back to you and displaying them on your computer screen. Ah, there’s the heat lamp Padfoot needs.
Legitimate searches like yours are no problem for Bob’s website. But what if a hacker is attempting to crash the site? What if they’re trying to trick the system into doing something it can’t handle? Let’s say the hacker enters AEIOU into the search box on Bob’s website. Instead of searching for a specific word or phrase, the hacker wants every product name that contains a vowel. The search request is passed off the same way to Bob’s database.
However, this time the matching product records take longer to compile because the hacker’s request matches every product in Bob’s database. Now what happens if the hacker sends the same search request hundreds, if not thousands, of times? Because Bob didn’t prevent this type of denial-of-service attack, it effectively locks up his database and shuts down his website. Now no one can order heat lamps.
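As an added example that is not part of the original transcript, here is one way Bob’s search could be protected, shown next to the unprotected behaviour described above. The product list, the limits and the names `naive_search` and `GuardedSearch` are all assumptions made for illustration.

```python
import time

# Constructed sample inventory standing in for Bob's product database.
PRODUCTS = ["Heat Lamp", "Heat Mat", "Heat Rock", "Iguana Food", "Terrarium"]

MIN_TERM_LEN = 3      # assumed policy: reject very short terms
MAX_RESULTS = 2       # assumed page size: never return the whole table
BUCKET_SIZE = 3       # assumed burst of searches allowed per client
REFILL_PER_SEC = 0.5  # assumed sustained rate: one search every 2 seconds


def naive_search(term):
    """Unprotected search as described: any character of the term may match."""
    chars = set(term.lower())
    return [p for p in PRODUCTS if chars & set(p.lower())]


class GuardedSearch:
    """Hypothetical hardened search: rate limit, literal match, capped results."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.buckets = {}  # client id -> (tokens left, time of last request)

    def _allow(self, client):
        # Token bucket per client; checked before any database work is done.
        now = self.clock()
        tokens, last = self.buckets.get(client, (BUCKET_SIZE, now))
        tokens = min(BUCKET_SIZE, tokens + (now - last) * REFILL_PER_SEC)
        if tokens < 1:
            self.buckets[client] = (tokens, now)
            return False
        self.buckets[client] = (tokens - 1, now)
        return True

    def search(self, client, term):
        if not self._allow(client):
            return "rate_limited", []
        term = term.strip().lower()
        if len(term) < MIN_TERM_LEN:
            return "rejected", []
        # Literal phrase match only; with a real database the cap belongs in
        # the query itself (a LIMIT clause) so the full list is never built.
        hits = [p for p in PRODUCTS if term in p.lower()]
        return "ok", hits[:MAX_RESULTS]
```

The rate limit is keyed on a single client identifier, so it addresses the single-source flood described here and not traffic spread across many machines.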
Nowadays, programmers design operating systems to address and avoid TCP/IP errors. They also typically aggressively protect against malicious use of systems. Searching for the vowels AEIOU on any well-designed website won’t fool the process, and it won’t take down a website. Because of programming advancements, it’s very difficult for a single hacker to take down a server or network using these attack methods. However, as programmers address known vulnerabilities, hackers, ever innovative, continue to evolve and find new techniques to attack servers. DoS attacks have evolved into DDoS attacks, or distributed denial-of-service attacks.
Distributed means the attacks are spread out over several, perhaps thousands of, computers instead of launching from a single computer. But that is a topic for another day. Today, you learned what a denial-of-service attack is and how hackers exploited early flaws in operating systems to deny service to authorized users. Understanding the history of these attacks provides you with the foundation to prevent future attacks. Congratulations! You’ve completed Denial-of-Service Attacks.