From the monthly archives:

March 2011

There are many complex types of website attacks that are carried out by technical or semi-technical attackers. Some of these complex attacks include DoS (Denial of Service) attacks and DDoS (Distributed Denial of Service) attacks.

I have implemented a firewall; am I still vulnerable?

Yes. A server can still be hit by DoS and DDoS attacks even if you have implemented a firewall.

I have a DoS/DDoS attack application; can I attack any system?

No. You should not attempt a DoS or DDoS attack on a server unless you have permission to do so. It is a punishable act under cyber crime law; the IT Act 2000 has provisions for DoS and DDoS attacks.

What are DoS and DDoS, and how can I tell that my application is being DDoSed?

In a DoS or DDoS attack, a single person or a group of people generally tries to exploit an application vulnerability so that users can no longer access the website or web services.

How do they do it?

The following are some methods used to compromise a website, server or operating system.

  1. Send Massive Requests to website
  2. Router attacks
  3. Communication Channel
  4. Unauthorized code execution/ Instruction
  5. P2P file Sharing

Let’s look at each of them.

1. Send Massive Requests to Website

Sending a massive number of requests to a website or web server is a type of DoS attack; when the attack comes from multiple sources it is called a DDoS. As the number of simultaneous requests at a given moment increases, the web server or website stops responding to genuine users trying to access the website.

In many cases we have seen the server crash, slow down or shut down. Unless your server has the capacity to handle such a large number of requests, security is breached and it takes a long time to recover from the damage.

Many times these attacks are carried out deliberately by a competitor: websites are hosted with limited bandwidth, so this kind of traffic exhausts your bandwidth allowance and people can no longer access your portal.
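The post asks earlier how you can tell that your application is being DDoSed, and this section describes the request-flood pattern. The following is an added example, not the post's own code: it runs a sliding-window analysis over web-server access log lines in the common Apache/nginx "combined" format and reports two things, any single source exceeding a per-window request count (the single-origin DoS pattern) and windows where the total request rate is high while no single source stands out (the distributed pattern). The log lines, IP addresses, timestamps and thresholds are all constructed for the demo.

```python
"""Flood detection over web-server access logs with a sliding window.

Added example, not the post's own code. The log lines below are constructed
in Apache/nginx "combined" format; window size and thresholds are demo
assumptions and should be tuned to a site's normal traffic.
"""
import re
from collections import Counter, deque
from datetime import datetime, timedelta, timezone

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (ip, epoch_seconds) for a combined-format line, or None if unparsable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), TS_FMT).timestamp()
    return m.group("ip"), ts


def detect_floods(lines, window=10, per_ip_threshold=20, total_threshold=50):
    """Sliding-window analysis over the lines; returns a summary dict.

    flooding_ips : sources that made >= per_ip_threshold requests in any window
    distributed  : a window held >= total_threshold requests with no single
                   source reaching per_ip_threshold (many small sources)
    peak_total / peak_sources : busiest window by requests / distinct sources
    """
    events = [e for e in (parse_line(l) for l in lines) if e is not None]
    events.sort(key=lambda e: e[1])
    recent = deque()        # (ts, ip) for every request still inside the window
    in_window = Counter()   # ip -> requests inside the window
    flooding, distributed = set(), False
    peak_total = peak_sources = 0
    for ip, ts in events:
        recent.append((ts, ip))
        in_window[ip] += 1
        # expire everything older than the window relative to this request
        while ts - recent[0][0] > window:
            _, old_ip = recent.popleft()
            in_window[old_ip] -= 1
            if in_window[old_ip] == 0:
                del in_window[old_ip]
        if in_window[ip] >= per_ip_threshold:
            flooding.add(ip)
        total = len(recent)
        peak_total = max(peak_total, total)
        peak_sources = max(peak_sources, len(in_window))
        if total >= total_threshold and max(in_window.values()) < per_ip_threshold:
            distributed = True
    return {"flooding_ips": sorted(flooding), "distributed": distributed,
            "peak_total": peak_total, "peak_sources": peak_sources}


def build_sample_log():
    """Constructed log lines (not real traffic): one genuine user, one flooding
    source (40 requests in 4 s) and a burst of 60 distinct sources within 5 s."""
    base = datetime(2011, 3, 15, 10, 0, 0, tzinfo=timezone.utc)

    def entry(ip, offset, path="/index.html"):
        ts = (base + timedelta(seconds=offset)).strftime(TS_FMT)
        return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 512 "-" "Mozilla/5.0"'

    lines = [entry("10.0.0.5", i * 12) for i in range(5)]
    lines += [entry("203.0.113.9", 20 + i * 0.1, "/search?q=x") for i in range(40)]
    lines += [entry(f"198.51.100.{i + 1}", 40 + i * 0.08) for i in range(60)]
    return lines


if __name__ == "__main__":
    print(detect_floods(build_sample_log()))
```

Against the constructed log the single flooding source is reported by name, while the burst of sixty one-request sources is reported only as a distributed window; that distinction matters because blocking by source address handles the first case but not the second, which needs rate limiting or upstream filtering.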

I am a performance tester and do this as part of my job. Am I a DoS attacker? Can anybody file a case against me?

Yes, if you do not have written permission from your client to perform application performance testing. If your client is on a shared server, you should get the web hosting service provider's permission as well.

2. Router Attacks

Attackers can target routers, and eventually use the router to take down your website as well.

Frankly speaking, I have not used this attack, but one can use a DoS attack to poison your routing records so that it redirects your requests to another location.

One can deploy an IPS to prevent such attacks on a router. But remember that an IDS can detect an attack only if you have a proper signature for it.

3. Communication Channel

A website responds slowly when uploads or downloads are in progress. An attacker can use this to mount a DoS or DDoS attack: start uploading a large file and at the same time start downloading a large file. During this period the server processor is under heavy load, and overall it may cause denial of service.

When file upload is enabled, many servers also run a virus check on each file; this consumes additional processing and gives the attacker a chance to craft an effective attack.

4. Unauthorized Code Execution / Instruction

This mechanism is designed to confuse the application's security architecture or the operating system, and it may reset your application. Attackers are smart enough to inject code or re-sequence the application's procedure. For example, while a large file is being uploaded, the attacker sends a command to delete the file. During this operation the processor may get stuck at 100%.
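Sections 3 and 4 both come down to a server accepting work it cannot bound: unlimited concurrent large transfers, bodies larger than declared, and a delete command arriving while an upload to the same file is still in flight. The following is an added example, not the post's own code, showing the admission checks an application can apply before it starts streaming a request body: a declared-size cap, per-client and global limits on concurrent transfers, a mid-stream abort when the body turns out larger than declared, and a refusal to delete a file whose upload has not finished. The class name, limits, client ids and paths are assumptions chosen for the demo.

```python
"""Admission control for large uploads/downloads and a guarded delete.

Added example, not the post's own code. TransferGuard, its limits and the
client ids and paths in demo() are assumptions constructed for this demo.
"""
import threading
from collections import Counter


class TransferGuard:
    """Bound the work a server accepts for large transfers (demo limits)."""

    def __init__(self, max_body_bytes=10_000_000, per_client_limit=2, global_limit=50):
        self.max_body_bytes = max_body_bytes
        self.per_client_limit = per_client_limit
        self.global_limit = global_limit
        self._lock = threading.Lock()
        self._active = Counter()   # client id -> transfers in flight
        self._total = 0            # transfers in flight across all clients
        self._uploading = set()    # target paths with an upload in flight

    def begin(self, client, kind, path=None, declared_bytes=0):
        """Reserve a transfer slot before reading any body. Returns (admitted, reason)."""
        with self._lock:
            if kind == "upload" and declared_bytes > self.max_body_bytes:
                return False, "declared body exceeds limit"
            if self._total >= self.global_limit:
                return False, "server transfer limit reached"
            if self._active[client] >= self.per_client_limit:
                return False, "client transfer limit reached"
            if kind == "upload" and path in self._uploading:
                return False, "upload to this path already in progress"
            self._active[client] += 1
            self._total += 1
            if kind == "upload":
                self._uploading.add(path)
            return True, "admitted"

    def end(self, client, kind, path=None):
        """Release the slot reserved by begin(); always call from a finally."""
        with self._lock:
            self._active[client] -= 1
            self._total -= 1
            if kind == "upload":
                self._uploading.discard(path)

    def delete(self, path):
        """Refuse to delete a file whose upload is still streaming (section 4 race)."""
        with self._lock:
            if path in self._uploading:
                return False, "upload in progress"
            return True, "deleted"


def consume_upload(guard, client, path, chunks, declared_bytes):
    """Stream an upload through the guard; abort if the body exceeds the cap."""
    admitted, reason = guard.begin(client, "upload", path, declared_bytes)
    if not admitted:
        return "rejected: " + reason
    received = 0
    try:
        for chunk in chunks:
            received += len(chunk)
            if received > guard.max_body_bytes:  # Content-Length was a lie
                return "aborted: body exceeded limit mid-stream"
        return f"stored {received} bytes"
    finally:
        guard.end(client, "upload", path)


def demo():
    """Constructed scenario; returns each step's outcome so it can be checked."""
    guard = TransferGuard(max_body_bytes=1_000, per_client_limit=1, global_limit=3)
    results = {}
    # honest upload within the cap
    results["small"] = consume_upload(guard, "clientA", "/up/a.bin", [b"x" * 500], 500)
    # declared length over the cap: refused before a single byte is read
    results["declared_big"] = consume_upload(guard, "clientB", "/up/b.bin", [b"x" * 5000], 5000)
    # declared length understates the body: aborted once the cap is crossed
    results["lying"] = consume_upload(guard, "clientB", "/up/c.bin", [b"x" * 800, b"x" * 800], 900)
    # while one upload is in flight, a second transfer from the same client
    # and a delete of the file being uploaded are both refused
    admitted, _ = guard.begin("clientC", "upload", "/up/d.bin", 900)
    assert admitted
    results["second_for_client"] = guard.begin("clientC", "download", "/files/x")
    results["delete_during_upload"] = guard.delete("/up/d.bin")
    guard.end("clientC", "upload", "/up/d.bin")
    results["delete_after_upload"] = guard.delete("/up/d.bin")
    return results


if __name__ == "__main__":
    for step, outcome in demo().items():
        print(f"{step}: {outcome}")
```

The design point is that every limit is enforced before the expensive work (reading, scanning or writing the body) starts, and the slot is released in a `finally` so a client that disconnects mid-upload cannot pin a slot forever.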

So, are all DoS and DDoS attacks limited to servers? Is that true?

No. Any user connected to the internet or a network can be a victim of a DoS or DDoS attack. Even a network itself can be the victim of a DoS attack.

5. Peer-to-Peer File Sharing

Peer-to-peer sharing websites or applications can make you a victim or a source of DoS and DDoS attacks. Applications like uTorrent, if not configured properly, can publish your details to other users while sharing content.

Some more methods of attacking web application security and stopping users from accessing a website are:

  1. Teardrop attacks,
  2. Degradation attacks,
  3. Nuke attacks,
  4. Reflected, or Distributed attacks,
  5. Permanent denial of service attacks.


According to Gartner, 90 percent of companies have some policy in place for governing personal computers and laptops in the office. While 43 percent have enacted policies for using personal devices in the workplace, 48 percent simply prohibit them.

As the cost of computing devices went down, most enterprises converged to a solution: provide every employee with their own ‘work’ device, be it a laptop or a computer. Today, most employees carry at least two laptops, one for work and another for personal use.  Just as enterprises’ privacy and security concerns seemed to have found a solution, a much larger and more complex challenge emerged: the Mobile Device.

While the revolution in mobile world has been one of the major achievements of the last decade, it has also posed a great challenge to enterprises who want to take advantage of it without compromising on security and privacy. Can the same solution work as it did for laptops and computers inside enterprises? Can every employee carry two mobile devices, one for work and one for personal use? Definitely not.

So, what is the solution? How can enterprises ensure that the mobile devices that employees bring in to work are not leaking highly confidential information that resides on their IT systems? How can they integrate mobile into their processes securely?

Enterprises cannot simply prohibit employees from downloading other apps on their personal mobile devices, and there is no guarantee that these apps won’t sabotage your data or hack into your enterprise apps. They can’t even impose restrictions on how employees use their ‘personal’ mobile devices. No matter how secure your enterprise apps are, it is virtually impossible to control other apps on a mobile device. So, what is the solution? This is a question that will keep intriguing most enterprises who see mobile as a great opportunity to take their businesses to the next level.
