Wednesday, April 3, 2013

Denial of Service (DOS)


In today’s complex IT environment, organizations are looking for a secure infrastructure. To implement the highest level of security, they spend a lot on security equipment and software, trying to reduce complexity and increase the confidentiality of their resources. As technology advances and its implementation makes it more difficult for hackers to breach security, hackers keep pace with security experts and keep finding more innovative ways to crack it.

In this blog, I will cover one of the common attacks that organizations face. You must have heard of “Denial of Service (DoS)”: an attack that attempts to exhaust a computer's resources, either by inserting a computer virus or by flooding the network with useless traffic. Attacks of this type can be classified into two forms, computer attacks and network attacks. DoS attacks take up resources, such as bandwidth or data storage space, to interfere with a network service.
Some of the common forms of denial-of-service attacks are:

Ping of death
In this case, the attacker intentionally sends a ping packet, normally larger than 65,535 bytes, to cause a Ping of Death. It often crashes the target system, as most computer systems cannot handle such a large IP packet.
Ping flood
In this case, the attacker overwhelms the victim's network with ICMP Echo Request packets. A flood of ping traffic consumes significant bandwidth on low- to mid-speed networks, slowing the network to a crawl.
Smurf Attack
In this case, the attacker sends repeated ping requests to the broadcast address of the target network. The ping request packets generally use a forged IP address to cause the denial of service.
Teardrop Attack
In this case, the attacker sends IP fragments that are difficult to reassemble. A confusing offset value is placed in the succeeding fragments, and if the receiving system does not know how to handle the situation, it may crash.
Mail Bomb
In this case, the attacker sends a large number of email messages with large attachments to a particular mail server. This fills up disk space, denying email service to other users.


An attack on a victim from multiple compromised computers is called DDoS (Distributed Denial of Service). In this case, the attacker installs a virus or Trojan software on compromised systems and uses them to flood the victim's network in a way that the victim's server cannot handle. This type of attack is sometimes termed a coordinated attack, as it generally involves three parties: an offender (who plans the attack), helpers (unsecured computers) and a victim (the person or organization who is hacked).
To avoid such attacks, organizations should use real-time filters such as firewalls and filtering routers to block particular Internet services that appear to be exhausting resources.

Another solution is to use CAPTCHAs in your applications. CAPTCHA stands for Completely Automated Public Turing Test To Tell Computers and Humans Apart. It is a program that protects websites against automated software and illicit users. A CAPTCHA generates tests that humans can easily pass but current computer programs cannot.


If a user enters fake credentials multiple times, the server returns an error message indicating a failed login, followed by a CAPTCHA. The CAPTCHA is verified before access to the login screen is granted again, as shown in the figure above. This approach blocks fake requests at the initial stage itself.
