CCSA# 14

DOS, DDOS & Botnet

Disclaimer:

Usage of these information/Data/Tools/Techniques for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. The Computer Joker/Instructor/Owner assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purpose. The Computer Joker/Instructor do not support/promote hacking. For more details, head to our t&c page.

dos attack

In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.

Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.[

dos - explained

types of dos attack

There are two general methods of DoS attacks: flooding services or crashing services. Flood attacks occur when the system receives too much traffic for the server to buffer, causing them to slow down and eventually stop. Popular flood attacks include:

Buffer overflow attacks :

The most common DoS attack. The concept is to send more traffic to a network address than the programmers have built the system to handle. It includes the attacks listed below, in addition to others that are designed to exploit bugs specific to certain applications or networks

ICMP flood leverages misconfigured network devices by sending spoofed packets that ping every computer on the targeted network, instead of just one specific machine. The network is then triggered to amplify the traffic. This attack is also known as the smurf attack or ping of death.

SYN flood sends a request to connect to a server, but never completes the handshake. Continues until all open ports are saturated with requests and none are available for legitimate users to connect to.

ddos attack

In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.

A DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, thus disrupting trade.

dos & ddos protection

Set a web-server configuration against DOS/DDOS attacks

Alter an ISP firewall to allow only the traffic complimenting to the services on the company side

Deploy firewall to fight SYN flood attacks

Migrate public resources to another IP address

Relocate all business-critical applications to the cloud or move to the separate public subnet

use a CDN - Content Delivery Network such as Cloudflare

botnet

botnet (short for “robot network”) is a network of computers infected by malware that are under the control of a single attacking party, known as the “bot-herder.”

Each individual machine under the control of the bot-herder is known as a bot. From one central point, the attacking party can command every computer on its botnet to simultaneously carry out a coordinated criminal action. The scale of a botnet (many comprised of millions of bots) enables the attacker to perform large-scale actions that were previously impossible with malware. Since botnets remain under control of a remote attacker, infected machines can receive updates and change their behaviour on the fly.

botnet - explained

botnet are used for?

Botnets can also be used to do things like:

Send email spam

Generate fake web traffic to drive revenue

Coerce payment from a user to remove their device from the botnet

Be rented out or sold to other hackers

prevention for botnet(infected)

Run regular antivirus scans

Never download attachments from email senders you don’t know

Run regular software and operating system updates to patch vulnerabilities

Avoid untrustworthy websites & ads

Antivirus Is the Best Solution

That's all for this module!

Click below to get to the Next Module - Introduction of cyber laws & IT acts

“Talk is cheap, show me the code”

-LINUS TORVALDS <Creator of Linux kernel>

Disclaimer:

Usage of these information/Data/Tools/Techniques for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. The Computer Joker/Instructor/Owner assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purpose. The Computer Joker/owner/Instructor do not support/promote hacking. For more details, head to our t&c page.

want a training?

Please contact us by filling the form on the right side for:

--> Live One to One Training

--> Course materials (pdf, tools & videos)

--> For any queries/feedback & suggestions.

Social
Contact

hi@thecomputerjoker.com

© copyrighted 2021. All Rights Reserved.