Question

ALL THE QUESTIONS BELOW ARE BASED ON CYBER SECURITY COURSE. SO PLEASE ASN THE QUESTION. THE NAME OF THE TOPIC

"DENIAL OF SERVICE ATTACKS"

À chat Denial of surface menu 2) What is Denial of Service es =) wheet us Destrubutine Denial of seruisce. Q2 Describe the Tcp sin cetrack, 23 Describe the UDP fludding attach. Qy Describe the DNS Carruption attack. clore How. Do you reduce the St. Risk of A TEP Sin attack. Os How Do you menimize yours export Exposer wig white lista a7 How Do you Black malicious party. un using a Black list.

Answer 1

DENIAL OF SERVICE ATTACKS

A Denial of Service Attack may be a cyber attack in which the attacker make a system or a resource unavailable to the user by temporarily denying services . It is often done by sending the system or resource with large number of requests in an effort to overload systems and stop some or all valid requests from the user.

DISTRIBUTIVE DENIAL OF SERVICE

Distributive Denial of Service Attack occurs when the user is attacked from different sources at the same time, which makes it impossible to stop the attack by blocking a single source of attack.

TCP

TCP or Transmission Control Protocol is a networking standard that defines how to establish and maintain a network communication through which application programs can exchange data. TCP works along with the Internet Protocol or IP, which defines how systems send packets of data to each other.

TCP SYN ATTACK

TCP Syn Attack is a type of Denial of Service Attack in which an attacker sends continous synchronized requests to the user system in an attempt to consume large number of server resources to make the system unresponsive to valid requests. It is a protocol attack, in which real server resources, firewalls etc. are affected.

UDP

UDP or User Datagram Protocol is a communication protocol which facilitates the exchange of messages between systems in a network. It speeds up transmissions by enabling the transfer of data before an agreement is provided by the receiving party.

UDP FLOODING ATTACK

UDP Flood Attack is also a Denial of Service Attack, using the User Datagram Protocol. An UDP Flood Attack can be done by sending a large number of UDP packets to random ports on the user. Now, the user will check for any applications, listening at that attacked port. When it confirms that, there are no application is listening at that port, it will reply with an ICMP Destination Unreachable Packet. For the large number of UDP packets send by the attacker, the user system will be forced to sending as many ICMP packets, which will be unreachable by other clients automatically.

ICMP

ICMP or Internet Control Message Protocol is an error reporting protocol which is used by network devices like routers to generate error messages to the source IP address when network problems prevent delivery of IP packets.

DNS

DNS or Domain Name System is the address book of the web. We can only access information online through domain names, like google.com. Web browsers like Google Chrome interact through IP addresses. DNS translates domain names to IP addresses so internet browsers can load internet resources.

DNS CORRUPTION ATTACK

DNS Corruption Attack or DNS Cache Poisoning is a type of system hacking, in which corrupt DNS address is saved into the original DNS address's cache, which results in the name server to return a false result. This results in the request being diverted to the attacker's choice of address.

HOW TO REDUCE THE RISK OF A TCP SYN ATTACK

The methods by which we can reduce the risk of a TCP Syn Attack, is as follows:

1. Syn Cache
2. Syn Cookies
3. Firewalls and Proxies
4. Filtering
5. Hybrid Approaches
6. Increasing Backlog
7. Reducing Syn-Received Timer
8. TCP Half Open
9. Recycling the Oldest Half-Open TCP

WHITE LIST

White List is a type of cyber security filtering, giving authorized access to user approved programs, IP addresses, system resources etc. The things that are not in this list is automotically blocked.

MINIMIZING EXPOSURE USING A WHITE LIST

By applying filtering to application programs, IP addresses, system resources etc., we can increase the data and netwrok security and also we can increase the productivity rate, as there will be less traffic and less risk in the network. Thus, we can minimize the exposure to attacks and risks using a white list.

BLACK LIST

Black List is a basic access control technique that filters out the users, email addresses, IP addresses, domain names, file extensions etc. The items on the Black List are denied access automatically.

BLOCKING MALCIOUS PARTY USING BLACK LIST

Like applying White List filtering, there will be things in the Black List. They are automatically blocked and denied access to various functions of the system. Specific malcious applications, file extensions, IP addresses can be blocked, by adding them to the Black List. The anti virus programs uses the technique of Black Listing, to safeguard our system.