Magazine posts:
Files available: 		38
293
Hacking Library
Main page
Library magazine
Text archives
Trojans related
Password related
Messenger related
IRC related
Virus related
Web bug scanners
Nukers/Flooders
IP Scanners
Security area
Webmasters area
Missing files
About us
Contact us
Links / Affiliates
.
Underground Libra
DDLbyte.com
Macintosh UG List
Warez Downloads
Progenic Toplist
r00t Security
Suck-O Community
haxxx.net
Direct Downloads
.
Hacking Library password
 Global tip
Library
Donate to unlock the passworded files and support us!
Library
 
 Most recent posted
  Google's spyware! Aug/8
  Virus spreadingFeb/18
  Setup iStealer for PHP loggingFeb/13
  Password grabbersFeb/12
  Keylogging passwordsFeb/11
  Steal logins with fake sitesAug/3
  Hidden programs in WindowsJul/21
  DoS Attack tutorialJul/18
  SQL Injections tutorialJul/18
  Another phishing tutorialJul/18
  Phishing tutorial Jul/18
  Defacing a website Jul/18
  Whats is hacking? How its done?Jul/18
  Telnet hacking tutorialJul/17
  Simple cmd.exe tricks for startersJul/17
  Hacking a Network ComputerJul/17
  Basics of PHPJul/10
  What is a hacker? Jul/10
  Find an IP address Jul/10
  How a trojan/rat works in few words Jul/10
  How to catch a hacker Jul/10
  Few words about exploits Jul/10
.
Library magazine		 
Lets get started Denial of Service or (DoS) attacks have matured from mere annoyances to 
severe high-profile attacks to e-commerce sites. When performing DoS attacks there are alot of 
approached techniques, including the famous but old "Ping of Death" which will be covered in 
this tutorial. DoS has been raging on since the 90's, getting more advanced and more serious. 
This tutorial is going to explain the jist of it to you.

We will start at the beginning and I will start by saying that if you plan to bring down a 
site with DoS its probably going to take more than 1 computer. The rage which has hit with DoS 
is DDoS (distributed denial of service) which is a DoS attack, but not done by one user, done 
by many users or a bot armie. A famous DDoS attack is the one done to GNR.com the attack 
completely took up all the sites bandwith within seconds. There site was recorded to have been 
attack by 456 Windows users.Now that you understand the god like power of this raging and more 
feared attack. Lets move on to the different types of DoS attacks.


---Fragmentation overlap

By forcing the OS to deal with overlapping TCP/IP packet fragments, this attack caused many 
OSs to suffer crashes and resource starvation. Exploit code was realeased with names such as 
bong,boink, and teardrop.

---Oversized Packets

This is called the "Ping of Death" (ping -1 65510 192.168.2.3) an a Windows system (where 
192.168.2.3 is the IP adress of the intended victim). What is happening is the attacker is 
pinging every port on the victims computer causing it to echo back 65510 requests. Another 
example is a jolt attack a simple C program for OSs whose ping commands wont generate 
oversized packets. The main goals of the "Ping of Death" is to generate a packet size that 
exceeds 65,535 bytes. Which can abrubtly cause the victim computer to crash. This technique
is old!

---Nukers

Yet another old form of attack this is related to a Windows vunlnerablity of some years ago 
that sent out-of-band(OOB) packets. To the consenting computer causing it to crash.

---SYN floods

A newer technique of DoS is SYN floods, basically this is done through a 3 step process
better known as the three way handshake. When a TCP connection is initiated this occurs. 
Under some normal circumstances, a SYN packet is sent from a specific port on system 1 to 
a specific port on system 2 that is in the LISTEN state. Then the potential connection on 
system 2 is in a SYN_RECV state. At this stage system 2 will attempt to send back a SYN/ACK 
packet to system 1.If all works out, system 1 will send back an ACK packet, and the connection
will move to an ESTABLISHED state. Now thats what happens most of the time, but a SYN flood is 
different it creates a half open connection. Most systems can sustain hundreds of connections 
on a specific port, but it will only take a few half open connections to exhaust all the 
resources on the computer.

---Smurf Attacks

The smurf attack was one of the first to demonstrate the use of unwitting DoS amplifiers on 
the Internet. A smurf takes advantage of directed broadcasts and requires a minimum of three 
actors: the attacker, the amplifying network, and the victim. What happens is the attacker 
sends out spoofed ICMP ECHO packets to the broadcast address of the amplifying network. The 
source address of packets is forged to make it appear as if the victim system has initiated 
the request. Then all hell breaks loose!!! Because the ECHO packet was sent to the broadcast 
address, all systems on the amplifying network will respond to the victim. Now take a thought 
if the attacker sends just a single ICMP packet to an amplifying network which contains 500 
systems that will respond to a broadcast ping, the attacker has now succeeded in multiplying 
the DoS attack by a magnitude of 500!

---Fraggle Attack

A fraggle attack is the same as a smurf attack, but it uses UDP ports instead.

---DDoS Attack

This is a much harder to block kind of attack, it has been used against big sites such as 
E-Trade, Ebay, and countless others. The problem with these attacks there very hard to trace. 
Most traces can link back to @Home users! The new DDoS attacks are termed Zombies or Bots. 
These bots rely heavily on remote automation techniques borrowed from Internet Relay Chat 
(IRC) scripts of the same name. A group of zombies under the control of a single person is 
called a zombie network or a bot army. The master of these armys or networks can do full 
fledged DDoS attacks or SYN floods. The basic estimate size of zombie networks are from a few 
systems to 150,000 systems. Even a few hundred machines could prove very dangerous.
 Library
Library