What are DOS and DDoS Attacks ? - with Practicals.

Denial of service attack is a special type of attack in which an attacker generates the unusual request and traffic on targeted system ti make it unstable and slowing it down.

Generally, an attacker renders traffic in a range as compared to the bandwidth of the targeted system. When the targeted system overflows due to consumption of more resources the whole system processes slows down and ultimately the target system becomes unstable. The main reason behind this attack is to make a system unstable first.

Many big giants have faced denial of service attack. In some cases, an attacker is not able to found vulnerability or not able to take advantage of the vulnerability. Hence, attacker tries to crash the system by performing the denial of service attack on it. Denial of service attack may turn into a nightmare, sometimes crashing leads to complete corruption of the targeted system.

Do read our Networking article for more clarification of the topic : Click Here

Denial of service attacks are generally divided into two major categories :

1. Simple Denial of Service (DoS)

1. Distributed Denial of Service (DDoS)

Simple Denial of Service (DoS) :

Denial of service attack is the general type of DDoS attack. In this only single attacker machine takes part while performing the DoS attack . Generally, the simple DoS attack is used to flood the systems having small bandwidth or when attack is performed at comparatively low level. The ultimate aim of DoS attack is to make the targeted system unstable by generating the unusual traffic which will ultimately consume more resources, the system becomes slower and hence the system gets crashed.

Distributed Denial of Service (DDoS) : 

Distributed denial of service is more advanced type of DoS attack which is generally performed at higher levels. In this type of attack, an attacker uses multiple compromised systems known as zombies or bots to flood the target system. Distributed denial of service is generally more dangerous than normal denial of service attack.

In the distributed denial of servie attack, multiple compromised systems generate traffic towards the target system. This attack is used when the bandwidth is comparatively high. Large numbers of data packets are used to flood the network. An attacker firstly creates botnets or uses the compromised machines to perform this attack.

Effects of Denial of Service

1. Target systems became unstable and unresponsive.
2. The network of target system is disabled and leads to complete organizational disablement.
3. Sometimes, the target system is corrupted and there might be big financial losses.
4. The corporate network disturbs.
5. There might be high maintaining cost involved.

Denial of service do not infect or exploit the target system. It floods the network which ends up resulting into high resource uses. It can flood the bandwidth or memory uses, can result into fragmentation of disk space or slowing down of every process. Sometimes, there may be physical damage that can occur.

Steps of performing DDoS attack :

1. An attacker writes a script which automatically sends PING request to the target network. To carry out a DDoS attack, Zombies (Infected computers which are under attacker's control) are required.
2. An attacker tries to infect the computer using malicious scripts like viruses and turn them into zombies. An attacker requires thousand of zombies in order to perform a successful DDoS attack.
3. Attacker sets the zombie to send PING request to the targeted network and at the same time thousand of zombies sends the PING request to the target network. They continue to attack until the attacker disarms them or they get disinfected.
4. Due to high traffic, the target is not able to pick up too much load and hence got crashed.

                                

Countermeasures to avoid Denial of Service attack :

1. Using dedicated hardware like cisco which can handle the loads to a greater extent.
2. Using strong encryption channels.
3. Traffic monitoring and packet analysis.
4. Using TCP Intercept techniques to avoid forged 3-way handshakes.
5. Proper employee training.
6. Updating and patching the software timely.
7. Setting up Honeypot and intrusion detection systems.

Performing Denial of Service attack:

A. Using HPING3 for Denial of Service attack : 

1. Run Kali Linux and open terminal
2. Type "etherape" in the terminal to open etherape (if not installed type "apt-get install etherape")
3. Open a new terminal and type " hping3 -S [Your IP] -a [Target IP] -p [Port number] --flood "
4. This command is to flood the source ip using a spoofed ip address. There will be no replies shown up to the user.
5. The traffic in the etherape will be according the port used. If the port will 80 than traffic will be HTTP traffic (Port 80 represents HTTP service)
6. See the screenshot below :

B. Using CPU Death Ping :

Download : CPU Death Ping

1. CPU Death Ping is a very good tool to perform Dos attacks.
2. Download and open CPU Death Ping.
3. Input target IP on which you want to perform Dos attack.
4. Now there are two methods to perform Dos attack using this tools (don't change any of the configuration).
5. Insert target IP address and set the size of the packet and click on ping ip. 
6. It will flood target ip address by continuously sending ping request. To stop the dos attack, click on kill ping.
7. Try both the methods and explore the tools.

So are you now clear with what are DoS and DDoS attacks. if you have got any doubt do let me know below in comment section . Also let me know, How DoS / DDoS attaack can be completely stopped ?

Follow me on Instagram : @xhackerboyy (Click)