Sunday, January 29

Denial of service attacks - Know about exploiting weaknesses in software

Denial of service attacks is an attack on a computer which disables the computer to such an extent that normal work cannot be carried out on it. For example the internet worm effects a computer by executing simultaneously on each infected computer and so slowing down other programs to the point where useful results could not be obtained from them. There are a number of ways that denial of service attacks can be made.

First, a program can be inserted into a computer which consumes amounts of some resource. This program could for example be an attachment to an email, it could masquerade as a software update issued by the supplier or it could enter the computer because of a weakness in the software that controls the computer. These types of attacks are relatively easy to guard against.

Second the attack can be one in which the perpetrator does not insert a program into a computer, but makes massive demands on some services that the computer provides, For example, during the NATO action against Serbia, Serbian crackers developed a program which sent large amount of email to the main NATO computer, resulting in the computer being so overwhelmed that normal mail was rejected. These attacks cannot be so easily prevented.

Exploiting weaknesses in software:

Here are two infamous denial of service attacks which exploit insecurities in the software used to administer the internet. The ping of death involved the perpetrator sending packets of data larger than the maximum of 65,536 bytes which are allowed by the internet data transfer software. When a computer receives such a packet it will crash. Happily, the major vendors have issued software patches which have made the ping of death obsolete.

A more recent denial of service attacks is the Teardrop attack. In the internet, messages are sent in packets which are reassembled in the right order at the recipient computer. The teardrop attack produces packets which contain contradictory information about how the whole collection of packets should be reassembled. Faced with this contradictory information, many computers crash when attempting to reassemble the packets into the original message.