Wednesday, March 22, 2017

DOS Attack's

What is DOS ?

The term DOS can refer to any operating system, but it is most often used as a shorthand for MS-DOS (Microsoft disk operating system). Originally developed by Microsoft for IBM, MS-DOS was the standard operating system for IBM-compatible personal computers.




All MS-DOS-type operating systems run on machines with the Intel x86 or compatible CPU's, mainly the IBM PC and compatibles. Machine-dependent versions of MS-DOS were produced for many non-IBM-compatible x86-based machines, with variations from relabeling of the Microsoft distribution under the manufacturer's name, to versions specifically designed to work with non-IBM-PC-compatible hardware. For as long as application programs used DOS APIs instead of direct hardware access, they could thereby also run on non-IBM-PC compatible machines.

Attack's :
  1. HTTP POST DOS attack :- The HTTP POST attack sends a complete, legitimate HTTP POST header, which includes a 'Content-Length' field to specify the size of the message body to follow. It is notable that unlike many other DOS attacks, which try to subdue the server by overloading its network or CPU, a HTTP POST attack targets the logical resources of the victim, which means the victim would still have enough network bandwidth and processing power to operate.
  2. Peer-to-peer attacks :- Attackers have found a way to exploit a number of bugs in peer-to-peer servers to initiate D Dos attacks.                                                                                                                               While peer-to-peer attacks are easy to identify with signatures, the large number of IP addresses that need to be blocked (often over 250,000 during the course of a large-scale attack) means that this type of attack can overwhelm mitigation defenses.
  3. Slow Read attack :- Slow Read attack sends legitimate application layer requests but reads responses very slowly, thus trying to exhaust the server's connection pool. Slow reading is achieved by advertising a very small number for the TCP Receive Window size and at the same time by emptying clients' TCP receive buffer slowly. That naturally ensures a very low data flow rate.
  4. Ping of death :- DOS attack in which the attacker sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows.  Ping of death attacks are rare today as most operating systems have been fixed to prevent this type of attack from occurring.

No comments:

Post a Comment