Denial-of-Service (DoS)

In DoS attack, the attacker will flood the systems, servers, Network with the traffic & in turn, it will exhaust the resources & bandwidth. As a result, system will not be able to response or request a service.

With the need of services, the host will send the vital information that will harm it by the attacker.  High profile web-server like of banks, credit card gateway, government website.  It becomes difficult to access the database in absence of services required by host.

DoS Attack_Vadodara_CCNA in Vadodara

Aaj Ka Gyan – Types of Attack

Security – Vivekananda IT Institute

Distributed Denial-of-Service (DDoS)

DDoS attacks are carried out from more than one machine (Host). These machines are generally called Botnets. In short, the traffic is flooded by many different sources. So to block/prevent or to safeguard is not possible by stopping the attack of a single source.

DDoS is carried out the tools such as Stacheldraht or methods like IP Spoofing, Smurf Attack, Fraggle Attacks, SYN Floods, etc.

DDoS Attack_Vadodara_CCNA in Vadodara

Aaj Ka Gyan – Types of Attack

Security – Vivekananda IT Institute

DoS v/s DDoS

The attackers flood the traffic to make the services unavailable for the host (Victim Machine)  V/s  The attackers flood the traffic to make the services unavailable for the host (Victim Machine). This adversely affect the database servers

The attack is carried out by the single Machine V/s The attack is carried out by multiple machine

It is easy to prevent & Neutralize V/s It is more difficult to prevent due to multiple source attack

Malware are not used for this attack V/s With multiple machines, Malware are channelized to the host Machine

Difference between DoS and DDoS_Vadodara

Aaj Ka Gyan – Types of Attack

Security – Vivekananda IT Institute

Man-in-the-Middle

Man-in-th-Middle (MITM) attacks are carried by intercepting between the communication of source & destination (endpoints).
So, the attacker gets all the access to the messages exchanged between the two.
When we talk about intercepting, the attacker disguises himself as both the parties of the conversation.
It thus accesses the public keys from both the endpoints & encrypt/decrypt it with his own private keys. The victims will find it as a legitimate sender, unknown about the MITM attack happens with them.
It is also a form of eavesdropping attack.

Man In the Middle Attack_Vadodara_CCNA in Vadodara

Aaj Ka Gyan – Types of Attack

Security – Vivekananda IT Institute

Man-in-the-Middle Attack Prevention

Key Agreement Protocol  are developed to protect the security channel.

Transport Layer Security (TLS) along with public key infrastructure increase the strength of TCP against the MITM Attacks. Certificate Authority (CA) verifies the exchange of certificate between server & client.

There are other way to ensure Authentication Detection, of which some require Human Interventions.

Preventing Man In the Middle Attack

Aaj ka Gyan – Types of Attacks

Security – Vivekananda IT Institute

TCP Flags

When talking about TCP, it is a connection oriented protocol. The 3-way handshake uses SYNs & ACKs message, but TCP segments carry the data. These TCP Segments have some purpose & these purpose are defined by the flags options.  Sender or Receiver will specify flags to send the message correctly. We can see the different flags:

ECN-Echo, Urgent, Push, Reset, Synchronisation Flag, FIN Flag

TCP Flag_Vivekananda IT Institute

Aaj ka Gyan – Types of TCP Flags

TCP – Vivekananda IT Institute

TCP Flags – ECN Echo

ECN (Explicit Congestion Notification)

ECN helps to resolve the congestion between sender & receiver.

It helps to send the notification of network congestion without dropping any packets. Previously this signal congestion is reported by dropping the packets.

Once the receiver send the echo of the congestion, the sender will reduce the transmission rate just like it had dropped the packet.

Further, ECN is supported by TCP by 3 flags in TCP Header.

These are called ECN-Echo & Congestion Window Reduced bits.

Aaj ka Gyan – ECN Echo Flag

TCP – Vivekananda IT Institute

TCP Flags – Urgent Pointer

It is used when something urgent to be sent for the receiver.

Suppose a host wanted to sent the message to a destination application which is  at a remote location. If it appears that there is a problem, the host will stop the data transfer.

For this, the host will send the abort signal. In normal situation, this signal will be queued at the remote host till all the previous data is processed.

With the help of urgent pointer, the host will sent this abort signal without waiting in the data que. The Urgent Pointer flag is set to “1”. This number denotes the position of the segment. And thus, the data is transmitted quickly.

Urgent Pointer - TCP Flag

Aaj ka Gyan – Urgent Pointer Flag

TCP – Vivekananda IT Institute