Exploits and Attacks to Gain Control

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Exploits and Attacks to Gain Control:


Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks: Denial-of-Service (DoS) and Distributed Denial of Service (DDoS) attacks target and absorb resources to the extent that those resources or services can no longer be used. This is a more surreptitious form of attack as ID of an authorized user isn’t required. These attacks usually occur during network connectivity & host availability tests.

Here are examples of DoS and DDoS attacks:

  • Smurf: an attack based on using the Internet Control Message Protocol (ICMP) echo request through the ping function. The originating site (source site) will send an altered or spoofed ping packet to the broadcast address of a network (the bounce site). The target site’s address is carried in the modified ping packet. This triggers the bounce site to broadcast bogus information to all of the devices on its local network. The devices then respond with a reply to the target system, which will then be flooded with these replies.
  • Buffer Overflow: this is an attack where a process is flooded with data beyond its capacity to handle. If that process isn’t equipped to deal with an excessive amount of data, it reacts in unexpected ways that an attacker can exploit.
  • Ping of Death: this is a version of the buffer overflow attack. This packet exploits a flaw with ICMP by sending an ECHO packet of more than 65K octets of data, which can create an overflow of system variables which causes the system to crash.
  • Teardrop: this attack targets UDP. The attacker revises length and fragmentation of offset fields in sequential UDP packets and transmits them to a system. When the system attempts to reassemble the packets from the fragments, the fragments overwrite each other cycling contradictory instructions to the system on how the fragments are offset on these packets. The end result: the target system crashes.
  • SYN is a method where the attacker exploits the use of the buffer space during a three-way Transmission Control Protocol (TCP) session initialization handshake. A source host sends a TCP SYN request when requesting a connection session with the destination host that will respond with an acknowledgement (ACK), and return a SYN response. The normal process from here is the source host sends a final ACK packet, but in a SYN attack the attacker sends a barrage of SYN requests without ever sending the final ACK. This causes the target system to time out while waiting for the proper response, eventually making the system crash or become unusable.

TCP Hijacking: In a TCP hijacking, the session between a trusted client and network server is hijacked. The attacker substitutes its IP address for that of the trusted client. Once the session is disrupted, the attacker has opportunity to create a new back door account or can access files and services that a legitimate host has access to. This type of attack usually happens after a trusted client has connected to the network server.

More on Social Engineering, Dumpster Diving and Software Exploitation:

View Topics

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel