
Quick introduction to DoS and DDoS

Jul 16 2010 00:00 | sykadul in Lectures


Author: Anonymous

With the current worldwide expansion of the Internet, the hacker community
found it extremely necessary to create new forms of attack, and the concept
of DoS (Denial of Service) and DDoS (Distributed Denial of Service) was born.
This type of attack became popular by targeting entities for which the
availability of various services is the key to success as well as the reason
for their existence. Examples of such entities include banks, ISPs and
e-commerce websites, where every hour, minute or even second can mean the
loss of huge amounts of money.

Pre-Attack and Pre-Requirements

For quite a long time, the choice of the best time to create an attack
network, before the target is identified (pre-target-identification) or after
it (post-target-identification), was an unsolved puzzle for many security
professionals. For the sake of neutrality, let's say that the best time
depends on the objective to achieve, the attacker's mentality and the
attacker's skills.

It is easy to assume that a pre-target-identification attack network that is
fully functional at the zero attack hour has the same impact as a fully
functional post-target-identification attack network of the same size and
power, but in reality this is not completely true. A
pre-target-identification network has to stay idle for longer, and during
that time network nodes become inactive, either because a sysadmin covers,
fixes or patches the attacker's entry point or because more restrictive
security measures are implemented.

The methodology used to expand an attack network has changed since the
earliest *DoS attacks. What started as a simple host-by-host attack, with
each host appended to the network in turn, turned into a battle of
"intelligent" scripts and worms capable of doing the job by their own means,
with almost no human intervention in the process and with far more power
than the individual host attack method.

Once the attack network is formed, picture the attacker as a pyrotechnic
technician with all his fireworks ready to launch and begin the show... The
countdown clock reaches zero... The attacker presses the trigger (or some
pre-scheduled event occurs)... The show begins... But what happens?

Post Attack Analysis


From the uninformed victim's point of view, the attack appears to have been
conducted by various attackers at the same time, almost like an army
marching towards a castle. The real enemy is the army's leader, and the army
itself is just the attacker's puppets. This lack of knowledge gives the
attacker some time, forcing the victim through the painful "back-trace"
process. Because of a small budget, the high cost of the analysis and,
depending on the scale of the damage caused, that process sometimes ends
with the attack's forensics being suspended.

Protection layers

It is fairly obvious that the more protection layers exist between the
attacker and the victim, the more anonymous and protected the attacker's
identity will be, and the more difficulty the victim will have in unveiling
the attack source. A large number of layers will, as expected, create "lag"
between layers, which, if badly designed, can lead to the total or partial
failure of the attack. On the other hand, a small number of layers can lead
to easy detection of the attacker and therefore to serious losses for the
attacker. In sum, it is essential to strike a balance between both extremes
to obtain a successful attack and effective risk distribution.

Other types of DoS

Other attacks aim at basic and essential resources of companies and
individuals that are "un-wired". Examples include, amongst others,
electrical or telephone cuts, extreme adverse climate conditions (bearing in
mind that this attack is not controlled by the attacker), access cuts
(roads, etc.) and, probably the most commonly used form, the interception
and/or manipulation, followed by a denial, of information or data
transmitted via mail etc.

HTTP Status codes

Jul 16 2010 00:00 | sykadul in General information

The following list contains the HTTP status codes along with a short
description of each.

100 Continue
101 Switching protocols
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
300 Multiple Choices
301 Moved Permanently
302 Moved Temporarily
303 See Other
304 Not Modified
305 Use Proxy
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Req.
408 Request Time-Out
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URL Too Large
415 Unsupported Media Type
500 Server Error
501 Not Implemented
502 Bad Gateway
503 Out of Resources
504 Gateway Time-Out
505 HTTP Version not Supported

Note that the first digit of each status code reveals the type of response
which can fall into 5 categories:

• 1xx Informational
Request received, continuing process.

• 2xx Success
The action was successfully received, understood, and accepted.

• 3xx Redirection
The client must take additional action to complete the request.

• 4xx Client Error
The request contains bad syntax or cannot be fulfilled.

• 5xx Server Error
The server failed to fulfil an apparently valid request.

For more information on Hypertext Transfer Protocol -- HTTP/1.1, please refer
to RFC 2616.
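
An added example, not part of the original article: Python that applies the first-digit classes above to web server access logs, counting response classes per minute and flagging minutes in which Server Error responses dominate, which is how a loss of availability shows up on the server side. The log lines are constructed samples in Common Log Format; the function names and thresholds are assumptions.

```python
import re
from collections import Counter, defaultdict

# First digit -> response class, as listed in the article above.
CLASSES = {1: "Informational", 2: "Success", 3: "Redirection",
           4: "Client Error", 5: "Server Error"}
# Common Log Format: host ident user [time] "request" status bytes
LINE = re.compile(r'^\S+ \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) \S+')

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [16/Jul/2010:10:00:01 +0000] "GET / HTTP/1.1" 200 512',
    '192.0.2.11 - - [16/Jul/2010:10:00:07 +0000] "GET /a HTTP/1.1" 304 0',
    '192.0.2.12 - - [16/Jul/2010:10:00:20 +0000] "GET /b HTTP/1.1" 404 128',
    '192.0.2.13 - - [16/Jul/2010:10:00:41 +0000] "GET / HTTP/1.1" 200 512',
    '192.0.2.10 - - [16/Jul/2010:10:01:02 +0000] "GET / HTTP/1.1" 503 0',
    '192.0.2.11 - - [16/Jul/2010:10:01:03 +0000] "GET / HTTP/1.1" 503 0',
    '192.0.2.12 - - [16/Jul/2010:10:01:05 +0000] "GET / HTTP/1.1" 200 512',
    '192.0.2.13 - - [16/Jul/2010:10:01:09 +0000] "GET / HTTP/1.1" 504 0',
    'not a log line',
]

def status_class(code):
    """Return the class name for a status code, or None if outside 100-599."""
    return CLASSES.get(code // 100) if 100 <= code <= 599 else None

def per_minute(lines):
    """Count response classes per minute; unparsable lines are kept apart."""
    buckets = defaultdict(Counter)
    for line in lines:
        m = LINE.match(line)
        if not m:
            buckets["unparsed"]["Unparsed"] += 1
            continue
        minute = m.group(1)[:17]  # e.g. "16/Jul/2010:10:00"
        buckets[minute][status_class(int(m.group(2))) or "Unknown"] += 1
    return buckets

def degraded_minutes(buckets, threshold=0.5, min_requests=4):
    """Minutes (in log order) whose Server Error share reaches the threshold."""
    out = []
    for minute, counts in buckets.items():
        total = sum(counts.values())
        if total >= min_requests and counts["Server Error"] / total >= threshold:
            out.append(minute)
    return out

if __name__ == "__main__":
    print(degraded_minutes(per_minute(SAMPLE)))
```
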
