Skip to main content

Denial of Service (DOS) attacks - Tutorial

Denial of Service (DOS) attacks are intended to shut down or slow down targeted servers for a period of time. As the name says a successful DOS (Denial of Service) attack ensures legitimate users are not getting any kind of services from the victim. In general Denial of Service (DOS) attacks ensure the attacked server busy with forged connection requests and keep it on a status where the server is no longer able to accept connection request from any legitimate users. In this tutorial we would like to introduce some common methods to perform DOS attacks:


Common Methods to Perform DOS Attack


  1. ICMP flood to Perform Denial of Service Attack:

    Sending unlimited number of packets by ping command to the targeted server is known as ICMP flood. This method can be done in the following way.

    A simple DOS attack code would be:

    ping {ip} -t -l 20000

    On command prompt window you can type the following command. This command sends 20000 bytes of data to the IP address, in a single packet. The -t is to ping the specified host until stopped and -l is to specify the buffer size. As shown in the above example ICMP flood is simple and easy to prevent now a days. We have a different tutorial for another form of attack using the similar technique. To read it follow the link below.
    What is Smurf attack & how to prevent it
  2. TCP Attacks:

    If the attacker can create a reliable TCP connection between victim and attacker, the DOS attack would be fatal. In order to do that attacker needs to trick the server (victim) to establish a TCP connection by following the steps mentioned in the link below.

    How to Perform TCP Split Handshake Attack


    If the attacker failed to create a TCP connection between victim and attacker, another form of attack is possible. This is called TCP/SYN flooding. Here attacker floods TCP SYN packets to the server with forged sender address. Server responds to SYN packets and wait for the response. Since the sender address is forged server will not get any response and it cause server slow to respond to legitimate users who ask the same connection request.
  3. Teardrop attack:
    Another form of DOS Attack is Teardrop attack. It involves sending mangled Internet Packet fragments with overlapping, over-sized, payloads to the target machine.
  4. Peer to peer attack
    In peer to peer attack thousands of computers will try to access a single computer at the same time. It will break down all the connection from the server and the target machine will fail.
  5. Application level Flood : Application level flood is done by mis-programming of an application installed on the server.So it will consume a major portion of server computing power and memory and slow down the server.

DOS attack with ping flood will work only if the following cafeterias are satisfied:

1. Attacker should have higher bandwidth than the victim.
2. Victim should respond to the ping requests

DOS Attack and DDoS attack

In Distributed Denial of Service attack (DDoS) more attackers are involved and the result is more fatal compared to DoS Attacks.

DOS attack is about attacking a server but if one web server is spreading malware to client computers what will we do? The following link tells the necessary steps to prevent it.
Steps to Deal with Malware Spreading Websites


Technology Guide

Comments

vinoth said…
hi.....
its very nice ......how can we stop this ping request during execution plz sent it to my mail at vinothk178@gmail.com
Siju George said…
Deny responses to continues ping requests.
Manohar said…
Good article. Could you please write a tutorial for DDOS Attacks with necessary steps ? I mean practical steps..
Arun Nair said…
Hey, Here I would like to ask few questions.

1 Is it legal to perform DDOS attack like the steps provided here ?

2. What legal actions Governments and companies can take against me if I conduct such an attack ?
Admin said…
Hi Arun,

Performing DDOS attack or Smurf attack is completely illegal. Steps provided here are just for educational purpose.

Recent Posts

How to Configure Idea 4G & 3G on Android Phone -APN Settings

When you activate Idea GPRS, 4G or 3G Internet on your Android phone, your phone will receive the automatic settings. However, sometimes you may need to configure the Access Point and GPRS settings for Idea (both GSM second and third generation) connection manually on your Android phone. In case if you delete the previous configuration, it is better know how to setup the same settings again by yourself. A wrong Access Point Name can stop you from accessing their mobile broadband service. Otherwise after deleting the existing APN for Idea 3G or GPRS you may need to re-insert the SIM again to get automatic settings from them. If you know the manual configuration steps, you can avoid that hardware procedure. If you are looking for the steps to get maximum speed from Idea 4G, you may click the link below and follow the instructions. The below hack will increase the Idea 4G data transfer speed.


Boost Idea 4G Data Transfer Speed

Steps to Configure Idea 4G/ GPRS/ 3G on Android Click on Applic…

Eligibility and Exam Pattern CBI Officer Recruitment 2017 - Sub Inspector By SSC CGL

To become an officer in Central Bureau of Investigation ( CBI ) is a dream of many youth in India. Though this elite investigation agency is popular among public, many do not know the procedure to join CBI as an officer. This article explains the various criteria, eligibility, exam pattern and procedure to become a CBI officer. Two different agencies conduct examinations to fill vacancies in CBI. They are UPSC and SSC. To become a group A officer in CBI, you must choose Civil Service Examination conducted by UPSC and become an IPS officer. To join as Sub Inspector in CBI, you must go through SSC CGL examination.

Name Of the Post Recruitment Agency Group A OfficerUPSC (Civil Service Examination)Sub InspectorSSC CGL
Where to Apply
If you are dreaming to become an Officer in CBI, you must pass the Combined Graduate Level Examination (CGL ) conducted by Staff Selection Commission (SSC) in every year. You must wait for the next SSC CGL notification and prepare for the same. It is a 4 tier …

Kerala Civil Excise Officer Examination (Women & Men) Notification

Applications to the post Civil Excise Officer ( Trainee) in Kerala Excise Department are invited by Kerala Public Service Commission. It is a district level examination and those who have passed Plus Two or equivalent can apply to only one district. Kerala Excise Department collects Excise Revenue for the state and it is their duty to enforce various Excise Acts. Excise Department is a law enforcement agency and control the manufacturing and distribution of alcohol and other Intoxicating Drugs. Civil Excise Officer is the new name given to Excise Guard and they are the lowest ranking enforcement officers in the department. Excise Guards ( older name of Civil Excise Officer ) are empowered with the power to arrest anyone who committed offence in a public place against the Abkari Acts.
Notification Number Name of The PostLast Date to Apply501/2017 Women Civil Excise Officer 03-Jan-2018 340/2016 Civil Excise Officer 14-Dec-2016 341/2016 Civil Excise Officer (Transfer) 14-Dec-2016
How …

Kerala Government Higher Secondary School Teacher Recruitment

Kerala PSC has invited applications from eligible candidates to recruit Higher Secondary School Teacher for Kerala Higher Secondary Education Department. Vacancies are available for teachers in various subjects and the detailed information is provided in the chart below. Monthly starting salary of Government Higher Secondary School Teacher (Junior) in Kerala Higher Secondary Eduction is 32300-68700/-Indian Rupees. Age limit to apply for Higher Secondary School Teacher post in Kerala for general category is 20 -40 years. Usual upper age relaxation is allowed for candidates belongs to OBC and SC/ST category. Kerala Government Higher Secondary School Teacher Examination detailed syllabus and previous year question papers are updated in the charts below.
Notification NumberName of the Post Last Date to Apply 246/2017Higher Secondary School Teacher (Junior) English20-09-2017 247/2017Higher Secondary School Teacher (Junior) Political Science20-09-2017 248/2017Higher Secondary School Tea…

PING: Transmit failed. General Failure - Reasons and Solution

Yesterday while checking network connectivity, I received one error message while trying to ping loopback address from my Windows computer. The error message I received is "PING: Transmit failed. General Failure" and all the packets send from command prompt were lost. I tried to ping a different loopback address but the result was same. I fixed the issue by following a set of steps and sharing those troubleshooting steps in this tutorial hoping it may help in case if you experience the same error message PING: Transmit failed. General Failure.


Broadband Hack To Improve Speed

This is the output I received when I ping loopback address.

C:\Users\sijugk>ping 172.0.0.21 Pinging 172.0.0.21 with 32 bytes of data: PING: transmit failed. General failure. PING: transmit failed. General failure. PING: transmit failed. General failure. PING: transmit failed. General failure. Ping statistics for 172.0.0.21: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)


Reasons an…

Modify SBI Inter-Bank Beneficiary For RTGS & NEFT

To complete online money transfer using either RTGS or NEFT in your State Bank of India net banking account, the first step is to add the account details of the person to whom you are sending money. Once the details are added under Inter-Bank Beneficiary list, you can start sending money to his/her account. However, it is possible that you might have entered wrong details while adding the beneficiary details. SBI allows users to either modify or delete a beneficiary if the user find the details incorrect. This article explains how to modify or delete beneficiary on SBI account within few minutes. The same procedure can be followed if you are seeing you have reached the maximum number of beneficiaries in your account while adding a new one.

Step By Step Instructions To Delete Beneficiary in HDFC Bank

Steps to Add a Beneficiary in State Bank Net-banking Account

Visit the SBI Netbanking login Link and enter netbank username and password.

https://retail.onlinesbi.com/retail/logi…