DoS here means DENIAL OF SERVICE, (in the top of the keywords on search engines besides the well-known "mp3" and "sex"). What is Denial of Service? A motes-a-motes translation I don't think would be appropriate - "prohibition of services", but it would be quite close. Here I will try to briefly show information about the most common DoS attack methods, ways to prevent, monitor the system and improve security.
What is DoS?
Denial of Service or "blocking services" in Romanian, is the shutdown without permission of a computer, even to bring down the entire system.
Motivation of an attack.
The motivations for a DoS attack are extremely diverse. Much depends on the maturity of the attacker, most beginners have as their main reason the desire for revenge on a certain user, admin or the desire to show the whole world what it presents.
After that will come immediately the desire to gain access where not all mortals have.
And the maturity of an attacker would be to act for more serious reasons: political, economic reasons, etc.
Most systems have allocated hundreds of megabytes for swap space for customer demand. Thus, the swap space is used more for son processes that have a short lifespan.
Kernel memory allocation
There is some limit to the allocation of memory by the kernel. If this limit is reached, the system will need to be restarted. Using a suitable algorithm could bring a system down.
An attack mode that would require the allocation of a substantial amount of RAM would cause quite serious problems to the system. More vulnerable to this would be email servers that do not need much RAM and usually have less working memory.
Filling a computer's hard disk would be a classic method of attack. Another aspect would be the deterioration of the disc by overloading it.
Disabling services would be the main purpose of a DoS attack. But attacking IneTD would be ideal, because it would shut down everything that was started by inetd.
How to protect our system against DoS attacks?
The thing is, you can't make your system one hundred percent invincible, but there are some things that would greatly increase your chances against an attacker.
1. Correction of errors in system security
Over time, new holes in system security are discovered. That's why you should be aware of the latest discoveries. You can find them at CERT (Computer Emergent Response Team) or at BugTraq.
Always look for and install the latest patches. Patch is a program that aims to cover some holes in the system or correct an error.
2. Scan ports
Scan your system ports periodically to see if you don't have services you don't need - they pose a high risk to your system's security. Also, some smarter users may install some services without your knowledge.
Test the methods of internal and external attack on your system. This is how you will see in practice the application of what you read as well as the effects.
4. Additional software
It is not a bad idea to install system monitoring software, users, various logging utilities. If your network has Internet access, you need to protect it with a firewall.
- What is your reaction?
- powered by Verysign
- powered by Verysign