The security of organizations networks have continued to be threatened by hackers
in spite of the firewall behind the Internet facing routers. This is as a result of the increase in the availability of numerous software programs known as attack tools. These software have graphical user interface and are easy to be used and deployed by even computer novices.
This development has opened hacking to a much wider cross-section of the Internet population, including an organization's own non-technical employees. Resultantly, continued growth in the number of attacks has been recorded
These attacks that flood a network and tie up valuable resources that run e-commerce or internal applications is known as denial of service attacks (DOS). The DoS attacks bring down a computer network by overloading it with heavy traffic using the UDP or ICMP data packets. ( Rycom Inc , 2001)
The kinds of Dos attacks include the following: (McClure,S., Scambray, J. & Kurtz,G, 2003)
1. PingFlood or Ping of Death - Occurs when large number of ICMP echo packets are sent to a site causing system resources to respond to each packet thereby crashing or hanging.
2. UDP Flood or Service attack - This attack allows UDP datagrams to be sent to the subnet broadcast address with the destination port set at 19
3. Smurf Attack- Uses other sites known as bounce sites to generate ICMP echoes which generate several response echoes from the site under attack thus bringing it down.
4. SYN Flood - Several TCP connection request are sent every second to the target computer. The source IP address is spoofed with a forged IP address. The target computer allocates resources to handle the SYN - ACK responses
The malicious data packets are disguised as legitimate traffic and as such not subjected to the necessary checks.
References:
McClure,S.,Scambray , J. & Kurtz,G (2003). Hacking Exposed :Network Security Secret & Solutions (4th ed.). New York: Osborne/McGraw-Hill
Dr. Austin Umezurike is an experienced Information Technology management consultant with more than 15 years experience in business technology consulting. He has unique experience in utilizing the mix of technology and business to achieve organizational and industry leadership in technology and to gain competitive advantage. His interests include Organizational IT strategy, Organizational assessment, Business IT alignment, Outsourcing/Sourcing, Supply Chain management, SAP, IT Audit/Compliance, training and new business development strategies.
Dr. Umezurike holds a Ph.D. in Information Technology Management and Masters in Information Technology from Capella University, Minneapolis, MN.
Article Source: http://EzineArticles.com/?expert=Augustine_Umezurike
No comments:
Post a Comment