DoS: Difference between revisions

From Hackepedia
Jump to navigationJump to search
← Older edit
should maybe create an ICMP and reference it instead
rearrange
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
Denial of Service is the exhaustion of resources on a computer or network.  Legitimate users will be interrupted from doing their regular tasks and often a loss of monetary resources are involved.  Denial of Service can cause stocks to fall and make administrators nervous and run around like chickens with their head cut off.
Denial of Service is the exhaustion of resources on a computer or network.  Legitimate users will be interrupted from doing their regular tasks and often a loss of monetary resources are involved.  Denial of Service can cause stocks to fall and make system administrators nervous.


----
----


In order to minimise the effects of a DoS a [[Firewall]] can be used as well as creating policies that limit resources to an entity.  
In order to minimise the effects of a DoS a [[Firewall]] can be used as well as creating policies that limit resources to an entity.  
Most common DoS attacks come in the way of ICMP packets. As per [[RFC]][http://www.faqs.org/rfcs/rfc792.html 792] there are several types of ICMP you may wish to block. Most people would only leave the two ping types permitted:
Most common DoS attacks come in the way of ICMP packets. As per RFC 792 there are several types of ICMP.  You may wish to block some. Most people would only leave the two ping types permitted:
     0  Echo Reply
     0  Echo Reply
     3  Destination Unreachable
     3  Destination Unreachable

Latest revision as of 02:09, 31 March 2013

Denial of Service is the exhaustion of resources on a computer or network. Legitimate users will be interrupted from doing their regular tasks and often a loss of monetary resources are involved. Denial of Service can cause stocks to fall and make system administrators nervous.

In order to minimise the effects of a DoS a Firewall can be used as well as creating policies that limit resources to an entity. Most common DoS attacks come in the way of ICMP packets. As per RFC 792 there are several types of ICMP. You may wish to block some. Most people would only leave the two ping types permitted: 

   0  Echo Reply
   3  Destination Unreachable
   4  Source Quench
   5  Redirect
   8  Echo
  11  Time Exceeded
  12  Parameter Problem
  13  Timestamp
  14  Timestamp Reply
  15  Information Request
  16  Information Reply

Some useful detection commands assuming you're using tun0: 

# tcpdump -i tun0 -n icmp
# netstat -i -p icmp -I tun0

See also Ddos.

Retrieved from "https://hackepedia.org/?title=DoS&oldid=5508"