Have you ever been a victim of Dos Attack?

On By Aman Dubey
dos attack

Have you ever been a victim of Dos Attack?

If you are from the technical background you must be knowing about the cyber attacks which are performed by the black hat hackers(bad hackers)  for personal financial gain or other malicious reasons.Have you ever been a victim of Dos Attack?

DOS and DDOS are very famous among the black hat community. These attacks are performed in order to down the website.

So, What is Dos attack?

DOS stands for denial of service attack, in which an attacker sends so many requests to the website so that website is overloaded by the requests and will not be able to work properly thus, it crashes down.

let understand this with a real-world scenario example,

Suppose there are two very famous e-commerce website A and B. A is doing business very well. B wants to give competition to A, but somehow B is always lagging behind A.

Now, there will be a big billion day sale on both the company. And B knows that most of the customer will buy from A website so, what B will do is, B goes for an illegal method. B will execute DoS attack on A website.

therefore, ultimately on the sale day, A website will be crashed and all the customer will go to B.

In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.

A DoS or DDoS attack is analogous to a group of people crowding the entry door or gate to a shop or business, and not letting legitimate parties enter into the shop or business, disrupting normal operations.

DOS/DDOS attack methods

  1. Protocol or Fragmentation attack–In this attack, the hacker overbears a network by exploiting datagram fragmentation mechanisms. Fragmentation is very important for data transmission, every network has a particular limit for the size of datagrams that it can process. This limit is known as the maximum transmission unit (MTU). The attacks start with understanding the process of IP fragmentation, a communication procedure in which IP datagrams are broken down into small packets, transmitted across a network and then reassembled back into the original datagram.If a datagram is being sent that is larger than the receiving server’s MTU, it has to be fragmented in order to be transmitted completely.
  2. Application Layer Attack— In this attack, attacker target and exploit the layer 7 protocol stack. The hacker over exercise the specific function of the website to disable them.
  3. Volumetric Attack— This is the most common form of Dos attack This attack use large amount of traffic in saturating the bandwidth of the target website. Here attacker sends the large volume of useless packets to target, thereby using all the resources.

DOS attack can be performed by using these tools–

  • Metasploit
  • Aircrack-ng
  • Rudy
  • HOIC
  • Blast
  • UDP flooder
  • Tor’s Hammer
  • Nemesy

in upcoming articles, we will also see the demonstration of these tools.

 

Legality

Many jurisdictions have laws under which DoS Attacks are illegal. In India Information Technology Act. 2000, has provisions for DoS/ DDoS attacks.