Blog

Denial of Service (DoS) and DDoS Attacks

DoS attack, denial-of-service attack, is an explicit attempt to make a computer resource unavailable by either injecting a computer virus or flooding the network with useless traffic. In simple words, it is similar to thousands of people trying to enter a room from a single entrance, ultimately causing havoc. This not only disturbs the normal operations of the network but also results in poor performance and system breakdown due to overwhelming requests. A large-scale DDoS attack (ranges up to 400 GBps) can affect the internet connectivity of an entire geographical region. There are two types of DoS attacks: computer attack and network attack. Common forms of denial of services attacks are:

What is IP Spoofing and how to avoid it?

IP Spoofing is a technique used to gain unauthorized access to machines, whereby an attacker illicitly impersonates another machine by manipulating IP packets. IP Spoofing involves modifying the packet header with a forged (spoofed) source IP address, a checksum, and the order value. Internet is a packet switched network, which causes the packets leaving one machine may be arriving at the destination machine in different order. The receiving machine resembles the message based on the order value embedded in the IP header. IP spoofing involves solving the algorithm that is used to select the order sent values, and to modify them correctly.

What is a proxy server?

Proxy server is a computer that sits between a client computer and the Internet, and provide indirect network services to a client. It may reside on the user's local computer, or at various points between the user's computer and destination servers on the Internet. A proxy server intercepts all client requests, and provide responses from its cache or forwards the request to the real server. A client computer is connected to the proxy server, which acknowledges client requests by providing the requested resource/data from either a specified server or the local cache memory. Client requests include files or any other resources available on various servers.

What is DHCP?

The Dynamic Host Configuration Protocol (DHCP) is a network protocol which functions at the application layer of the Internet Protocol (IP) suite. A server which uses DHCP will be able to dynamically assign IP Addresses and other network configuration parameters to devices on the network; thus, allowing communication to a second network. The protocol can be implemented of networks of any sizes, ranging from small home area networks (HANs) to large campus area networks (CANs) and even the networks used by Internet Service Providers (ISPs).

What is a TCP/IP?

TCP/IP, Transmission Control Protocol/Internet Protocol, is the suite of two protocols, TCP and IP, used to interconnect network devices on the Internet. The TCP performs the handshake between the network devices to establish a socket. The socket remains open during the communication. The source TCP converts the data into packets and sends to the destination TCP. The TCP performs acknowledgment for the successful delivery of the packets. If a packet drops on the way, the source TCP resends the packet. The IP layer is responsible for sending and receiving the data to the correct destination. The TCP/IP stack is comprised of the following layers.

What is a MAC Address?

MAC, Media Access Control, address is a globally unique identifier assigned to network devices, and therefore it is often referred to as hardware or physical address. MAC addresses are 6-byte (48-bits) in length, and are written in MM:MM:MM:SS:SS:SS format. The first 3-bytes are ID number of the manufacturer, which is assigned by an Internet standards body. The second 3-bytes are serial number assigned by the manufacturer.

What is a Subnet Mask?

address and the host address. A subnet mask separates the IP address into the network and host addresses (<network><host>). Subnetting further divides the host part of an IP address into a subnet and host address (<network><subnet><host>) if additional subnetwork is needed. Use the Subnet Calculator to retrieve subnetwork information from IP address and Subnet Mask. It is called a subnet mask because it is used to identify the network address of an IP address by performing a bitwise AND operation on the netmask.

What is an IP Address?

The Internet Protocol Address (or IP Address) is a unique address that computing devices such as personal computers, tablets, and smartphones use to identify itself and communicate with other devices in the IP network. Any device connected to the IP network must have a unique IP address within the network. An IP address is analogous to a street address or telephone number in that it is used to uniquely identify an entity.