



TCP/IP Security Attacks and Prevention

There are different ways to prevent deadly ping attacks. I will focus on two attacks: DoS (Denial of Service) and IP spoofing.

Denial of Service (DoS): Denial of service involves an attacker (hacker) disabling or corrupting the user's networks. Denial of service attacks involve either a system crash or a slowdown. Distributed denial of service (DDoS) attacks are a subclass of denial of service (DoS) attacks. A DDoS attack involves multiple connected online devices, also known as a botnet, on which hackers use fake credentials.

SYN Flood: A TCP SYN flood is a type of distributed denial of service (DDoS) attack that exploits part of the normal TCP three-way handshake to use up resources on the targeted server. In the normal handshake, the user requests a connection by sending a SYN (synchronization) message to the server. The server acknowledges receipt by sending a SYN-ACK (synchronization-acknowledgement) message back to the client. The user responds with an ACK message, and the connection is established.

In a SYN flood attack, the attacker or hacker sends repeated SYN packets to every port on the targeted server, often using a fake IP address. The targeted server is unaware of the attack and receives multiple seemingly legitimate requests to establish communication. It responds to each attempt with a SYN-ACK packet from each open port. Either the malicious user does not send the expected ACK or, if the IP address is spoofed, they never receive the SYN-ACK in the first place. The attacked server will wait for the acknowledgment of its SYN-ACK packet for a certain period of time. During this time, the server cannot close the connection by sending an RST packet. Before the connection can time out, another SYN packet will arrive. This leaves an increasing number of connections half-open, which is why SYN flooding attacks are also called "half-open" attacks. Eventually, as the server's connection tables overflow, service to legitimate clients will be denied and the server may even malfunction or crash. There are different ways to prevent SYN floods, such as SYN cookies.

Ping of Death: Ping of death is a type of denial of service (DoS) attack in which an attacker attempts to crash, destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command. Ping of death attacks exploit legacy weaknesses that may have been patched in the target systems. In unpatched systems, however, the attack is still relevant and dangerous.

Ping Flood Attack: The ping flood attack, also known as Internet Control Message Protocol (ICMP) flooding, is a common denial of service (DoS) attack. In this case, an attacker takes down a user's computer by overwhelming it with ICMP echo requests, also known as pings. The attack involves flooding the user's network with request packets, knowing that the network will respond with an equal number of reply packets. Additional methods to bring down a target with ICMP requests include using custom tools or code against the user's computer. This strains both the inbound and outbound network channels, consuming significant bandwidth and resulting in a denial of service.

HTTP Flood: An HTTP flood attack is a type of denial of service attack.
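SYN cookies, named above as a SYN flood defence, let the server answer each SYN without holding half-open state: the connection details are encoded into the SYN-ACK sequence number and checked when the final ACK arrives. The sketch below is an added example, not code from the original essay; it uses the classic layout (5-bit time counter, 3-bit MSS index, 24-bit keyed hash), and the HMAC-SHA256 choice, the MSS table, the sample addresses and all function names are assumptions.

```python
import hashlib
import hmac
import os

SECRET = os.urandom(32)              # per-boot server secret (assumption)
MSS_TABLE = [536, 1220, 1440, 1460]  # hypothetical MSS choices for the 3-bit index
SLOT_SECONDS = 64                    # one time-counter step


def _mac24(conn, client_isn, counter, mss_index):
    """24-bit keyed hash over the 4-tuple, client ISN, time slot and MSS index."""
    msg = "|".join(map(str, (*conn, client_isn, counter, mss_index))).encode()
    return hmac.new(SECRET, msg, hashlib.sha256).digest()[:3]


def make_cookie(conn, client_isn, mss_index, now):
    """Sequence number for the SYN-ACK; no per-connection state is stored."""
    counter = int(now) // SLOT_SECONDS
    mac = int.from_bytes(_mac24(conn, client_isn, counter, mss_index), "big")
    return ((counter & 0x1F) << 27) | ((mss_index & 0x7) << 24) | mac


def check_cookie(conn, client_isn, ack_number, now, max_age_slots=1):
    """Validate the handshake's final ACK; return the MSS, or None to drop it."""
    cookie = (ack_number - 1) & 0xFFFFFFFF   # a real client ACKs cookie + 1
    mss_index = (cookie >> 24) & 0x7
    if mss_index >= len(MSS_TABLE):
        return None
    current = int(now) // SLOT_SECONDS
    for age in range(max_age_slots + 1):     # accept current or previous slot
        counter = current - age
        if (cookie >> 27) != (counter & 0x1F):
            continue
        expected = _mac24(conn, client_isn, counter, mss_index)
        if hmac.compare_digest((cookie & 0xFFFFFF).to_bytes(3, "big"), expected):
            return MSS_TABLE[mss_index]      # only now allocate connection state
    return None


if __name__ == "__main__":
    conn = ("198.51.100.7", 40000, "203.0.113.10", 443)  # constructed sample 4-tuple
    t0 = 1_000_000
    cookie = make_cookie(conn, client_isn=12345, mss_index=3, now=t0)
    print("legitimate ACK:", check_cookie(conn, 12345, cookie + 1, t0))
    print("guessed ACK:   ", check_cookie(conn, 12345, 0xDEADBEEF, t0))
    print("stale ACK:     ", check_cookie(conn, 12345, cookie + 1, t0 + 128))
```

Because a spoofed source never sees the SYN-ACK, it cannot produce a valid final ACK, and the server's connection table only grows for clients that complete the handshake.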