Deny My Services Will Ya?
- Anne Shroble
- Apr 13, 2016
G’day mate(s):
Harry Nasty Hacker here (incognito) and up to my old tricks again. Today I am going to get that boss man for being so mean to me. I came up with a plan to mess up his whole day through his network. I’m going to completely flood the network with so much junk, it won’t even be able to handle all the traffic. You see, I was messing around on the Internet the other day, and found this thing called a Denial-of-Service attack.
All I have to do is prevent legitimate users from accessing the network with an excessive amount of messages asking the network or server to authenticate requests that have invalid return addresses. The network or server will not be able to find my return address when sending the authentication approval, which will cause the server to wait before closing the connection. When the server closes the connection, I will send more authentication messages with invalid return addresses. Hence, the process of authentication and server waiting will begin again, keeping the network or server busy. Cool, yes?
If I get bored with this attack, I can try some of these others:
- Disrupting the connections between two machines, thus preventing access to a service
- Preventing a particular individual from accessing a service
- Disrupting a service to a specific system or individual
- Disrupting the state of information, such as resetting TCP sessions
I also found a cool attack which uses Smurfs, but I can’t figure out how to get the little blue fellas into the computer and through the line. Wait, What? (my co-conspirator is talking). Not the blue guys? Oh, silly me -
So yet another variant of the DoS is the smurf attack. This involves emails with automatic responses. If I email hundreds of email messages with a fake return email address to hundreds of people in the organization with an autoresponder on in their email, the initial sent messages can become thousands sent to the fake email address. If that fake email address actually belongs to someone, this can overwhelm that person's account. So what happens if no one has autoresponder turned on? What if this floods my system?
Well, I’m guessing Harry Hacker isn’t all that bright anyway. What is the sense in deliberately hurting someone? Especially when Harry will probably get caught anyway.
Back to Denial-of-Service attacks: they can also cause the following problems:
- Ineffective services
- Inaccessible services
- Interruption of network traffic
- Connection interference
Another type of attack called Distributed Denial of Service Attack might be worth mentioning.
These attacks are launched from multiple connected devices that are distributed across the Internet. As multi-person, multi-device barrages, they are generally harder to deflect, mostly due to the sheer volume of devices involved. Unlike single-source DoS attacks, DDoS assaults tend to target the network infrastructure in an attempt to saturate it with huge volumes of traffic, and they are launched from botnets: large clusters of connected devices (e.g., cellphones, PCs or routers) infected with malware that allows remote control by an attacker.
Denial-of-service attacks can be divided into two general categories:
1. Application layer attacks (a.k.a. layer 7 attacks) can be either DoS or DDoS threats that seek to overload a server by sending a large number of requests requiring resource-intensive handling and processing. Among other attack vectors, this category includes HTTP floods, slow attacks (e.g., Slowloris or RUDY) and DNS query flood attacks.
The size of application layer attacks is typically measured in requests per second (RPS), with no more than 50 to 100 RPS being required to cripple most mid-sized websites.
2. Network layer attacks (a.k.a., layer 3–4 attacks) are almost always DDoS assaults set up to clog the “pipelines” connecting your network. Attack vectors in this category include UDP flood, SYN flood, NTP amplification and DNS amplification attacks, and more.
Any of these can be used to prevent access to your servers, while also causing severe operational damages, such as account suspension and massive overage charges.
DDoS attacks are almost always high-traffic events, commonly measured in gigabits per second (Gbps) or packets per second (PPS). The largest network layer assaults can exceed 200 Gbps.
Earlier I commented on why a person would want to hurt another person. Well, here are some reasons, or shall we call them “motivations”?
Hacktivism: “Hacktivists use DoS attacks as a means to express their criticism of everything from governments and politicians, including “big business” and current events. If they disagree with you, your site is going to go down (a.k.a., “tango down”).”
Cyber Vandalism: “Cyber vandals are often referred to as “script kiddies”—for their reliance on premade scripts and tools to cause grief to their fellow Internet citizens. These vandals are often bored teenagers looking for an adrenaline rush, or seeking to vent their anger or frustration against an institution (e.g., school) or person they feel has wronged them (here’s Harry). Some are, of course, just looking for attention and the respect of their peers.” (Really, respect!)
Extortion: “An increasingly popular motivation for DDoS attacks is extortion, by which a cybercriminal demands money in exchange for stopping (or not carrying out) a crippling DDoS attack. Several prominent online software companies—including MeetUp, Bitly, Vimeo, and Basecamp—have been on the receiving end of these DDoS notes, some going offline after refusing to succumb to the extortionists’ threats.”
Personal rivalry, Business competition, and Cyberwarfare are a few others.
One can’t really prevent DoS attacks, but one can monitor the traffic for abnormalities: unexplained traffic spikes or some unexpected visitor from, say, overseas might be a good indication of being attacked. Watch the social media usage, and consider using a third-party DoS testing service, which can be found on the Internet. Have a response plan with a rapid response team trained to defend against this type of attack, and perhaps a good backup system which can be activated as a secondary system while the network is cleared. I’m thinking of an industrial site where the network is vital to the pocket book getting larger.
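One way to watch for the unexplained traffic spikes mentioned above, written as an added example that is not part of the original post: it buckets web access-log lines per second, flags seconds whose request rate is far above the baseline, and notes whether the burst comes from one source or many. The Common Log Format input, the constructed sample lines, the `factor` and `floor` thresholds (the floor follows the 50 RPS figure quoted earlier) and the 50% single-source cutoff are all assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime
from statistics import median

# Common Log Format prefix: client IP, two ignored fields, bracketed timestamp.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def requests_per_second(lines):
    """Map each one-second bucket to a Counter of client IPs seen in it."""
    buckets = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip anything that is not an access-log record
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        buckets[ts][m.group(1)] += 1
    return buckets

def find_spikes(lines, factor=5, floor=50):
    """Flag seconds whose RPS is >= floor and > factor x the median RPS."""
    buckets = requests_per_second(lines)
    if not buckets:
        return []
    baseline = median(sum(c.values()) for c in buckets.values())
    spikes = []
    for ts in sorted(buckets):
        clients = buckets[ts]
        rps = sum(clients.values())
        if rps >= floor and rps > factor * baseline:
            top_hits = clients.most_common(1)[0][1]
            # One dominant source looks like DoS; many small ones like DDoS.
            kind = "single-source" if top_hits / rps > 0.5 else "distributed"
            spikes.append((ts.strftime("%H:%M:%S"), rps, len(clients), kind))
    return spikes

def sample_log():
    """Constructed sample: 3 req/s of normal traffic, then two flood seconds."""
    fmt = '{ip} - - [13/Apr/2016:10:00:{s:02d} +0000] "GET / HTTP/1.1" 200 512'
    lines = [fmt.format(ip=f"198.51.100.{i}", s=s)
             for s in range(10) for i in range(3)]
    lines += [fmt.format(ip="203.0.113.7", s=10) for _ in range(120)]  # one host
    lines += [fmt.format(ip=f"192.0.2.{i}", s=11) for i in range(200)]  # 200 hosts
    return lines

if __name__ == "__main__":
    for when, rps, sources, kind in find_spikes(sample_log()):
        print(f"{when}  {rps} req/s from {sources} source(s): {kind}")
```

A median baseline is used so that the flood seconds themselves do not drag the "normal" rate upward.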
I’m thinking we have heard this statement before:
“If you spend more on coffee than on IT security, you will be hacked.
What’s more, you deserve to be hacked.”
Richard Clarke - National Security Council (NSC)
The operating system I would keep on my computer is Windows 7 because I feel it is still the “better” system Windows has next to XP. Once I get better at Linux, that will be my choice. So for now, oh, yes I caught Harry before he got his attack off. I told you he would get caught. So long for now, and “Happy Researching”
Resources:
"What Is a Denial-of-Service Attack (DoS)? - Definition from Techopedia." Techopedia.com. Web. 13 Apr. 2016.
"Denial of Service Attacks." What Is a Distributed Denial of Service (DDoS) Attack? Web. 13 Apr. 2016.