TCIL-IT Ethical Hacker

Assignment No. 3

1. What are DoS Attacks & DDoS Attacks? Ans. DOS or DDOS attacks are related to internet and networks. DOS stands for Denial of Service and DDOS stands for Distributed Denial of Service. In a DOS or DDOS attack the attacker attempts to prevent the authentic users from accessing the the web services. In both of these attacks the attackers tries to block the services by overloading the targeted server where the web service is running. Whenever you try to access any website you send http requests to the server where the website is being hosted. All the web server and the networks are capable of handling a particular number of request per second (threshold value) if the number of requests crosses this threshold value then the web server goes into a non active mode where it will no more be able to handle any http requests. At this condition the web server virtually dies. This situation is called denial of service. Before making a website lives, the number of users are estimated and accordingly the hosting capacity is selected. Hence all website has got their own limit.

How does DOS and DDOS attack work? In DOS attack the attacker runs a program on a system connected to internet. This program sends multiple http requests to the targeted server causing network blocking for the web server. There after the authentic users will not be able to access the website any more. When you try to open any website under DOS or DDOS attack you will get a network timeout error in your browser. What is the difference DOS and DDOS attack? In both the attacks the targeted server and network goes down. So what is the difference between these two attacks? Actually these two attacks are named based on the source of attack. In DOS attack the attacker runs the program from a single computer where as in DDOS attack the attacking program are being run from multiple systems or from a distributed network. In DDOS attack the attacker may use your system to attack a different system. See the below image description for a clear understanding of DOS and DDOS attacks:

DoS Attack

DDoS Attack

Techniques used for DoS Attacks: 1. This is a website DOS attacking technique done by a tool called rDOS. It is build to attack a website having open vulnerable port.

Here it is we have DoS Attack on a website. But this is only educational purpose. Dont do in your real life.

2. Crazy Pinger is another tool for DoS Attack but only in LAN Network. By this tool we can attack a PC locally. Like if we have N/W about 192.168.1.1 to 192.168.1.30 & we are on 192.168.1.1 and we want to attack on 192.168.1.20. By this tool 192.168.1.20 PC will be very slow and hang after

some time and may be it will be shut down automatically. Lets take an example.

Techniques used for DDoS Attacks: As we read already about DDoS Attack. We have tool named LOIC (Low Orbit Ion Cannon). This tool is used for DDoS Attack.

Lets take an example.

But this was only for educational purpose. Dont try it yourself.