5 Major Types of DOS Attack


DOS Attacks remain as popular as ever and are becoming more sophisticated

Posted by Henry Dalziel  |  December 16, 2019  |   Questions / Comments 0

5 Major Types of DOS Attack

Cybersecurity Hacker Tool
Henry Dalziel
Henry Dalziel | December 16, 2019

- C|EH, Security+, MSc Marketing Management;
- Based in Hong Kong for the last five years;
- Cybersecurity Pro & Growth Hacker

TL;DR
We list out a bunch of popular DOS attacks.

Summary of 5 Major DOS Attack Types

We have become fascinated by DoS attacks in the office ever since our Hacker Hotshot web show with Matthew Prince from CloudFlare. Matthew introduced us to a case-study, contemporary solutions, and viable long-term solutions to prevent or at least mitigate being a victim of DoS attacks.

First off – let’s get the definition’s out of the way, and what is the difference between a DoS and a DDoS?
DoS refers to Denial-of-Service and is best defined as an attempt to make a computer(s) or network(s) unavailable to its intended users.

Matthew Prince defined it in a nicely simplified way:

“…a Denial of Service attack is when an attacker is trying to generate more traffic than you have resources to handle…”

Often you will hear DoS, pronounced phonetically altogether, i.e. ‘DOS’ and not D.O.S, and DDoS – is pronounced Dee-DoS.

The difference between a DoS and a DDoS

In a DoS attack, one computer and one internet connection also is deployed to overwhelm a server or network with data packets, with the sole intention of overloading the victim’s bandwidth and available resources.

A DDoS attack is the same but is amplified. Rather than one computer and one internet connection, a DDoS is and often involves millions of computers all being used in a distributed fashion to have the effect of knocking a website, web application or network offline.

In both instances, either by the singular DoS or the multiple DDoS attacks, the target is bombarded with data requests that have the effect of disabling the functionality of the victim.

Our research has identified five major types of DDoS/ DoS methods or attacks.

If you can think of any more we’d appreciate you dropping a comment below!

Here’s our list:

1. (S)SYN flood
A SYN flood is a type of DOS attack in which an attacker sends a series of SYN requests to a target’s system in an attempt to use vast amounts of server resources to make the system unresponsive to legitimate traffic.

2. Teardrop Attacks
A teardrop attack involves the hacker sending broken and disorganized IP fragments with overlapping, over-sized payloads to the victim’s machine. The intention is to obviously crash operating systems and servers due to a bug in the way TCP/IP fragmentation is re-assembled. All operating systems many types of servers are vulnerable to this type of DOS attack, including Linux.

3. Low-rate Denial-of-Service attacks
Don’t be fooled by the title, this is still a deadly DoS attack! The Low-rate DoS (LDoS) attack is designed to exploit TCP’s slow-time-scale dynamics of being able to execute the retransmission time-out (RTO) mechanism to reduce TCP throughput. In short, a hacker can create a TCP overflow by repeatedly entering a RTO state through sending high-rate and intensive bursts – whilst at slow RTO time-scales. The TCP throughput at the victim node will be drastically reduced while the hacker will have low average rate thus making it difficult to be detected.

4. Internet Control Message Protocol (ICMP) flood
Internet Control Message Protocol (ICMP) is a connectionless protocol used for IP operations, diagnostics, and errors. An ICMP Flood – the sending of an abnormally large number of ICMP packets of any type (especially network latency testing “ping” packets) – can overwhelm a target server that attempts to process every incoming ICMP request, and this can result in a denial-of-service condition for the target server.

5. Peer-to-peer attacks
A peer-to-peer (P2P) network is a distributed network in which individual nodes in the network (called “peers”) act as both suppliers (seeds) and consumers (leeches) of resources, in contrast to the centralized client-server model where the client-server or operating system nodes request access to resources provided by central servers.

In Summary
Let us know your thoughts!

Have you ever been the victim of a DoS attack? What do you now do to protect yourself?

Remember to check out our talk with Matthew Price which really was a good Hacker Hotshot web show and is an excellent resource to learn more about this common attack vector.

Leave a Question or Comment:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Some Of Our Other Content

You may also like...

USB Keyloggers
USB Keyloggers

Some of these USB Keyloggers work over WiFi and others even email you the keystrokes! Require NO drivers. Just plant and forget.

Blog Post

N00b Hacking
WiFi Hacking Hardware Devices
WiFi Hacking Hardware Devices

We take a look at hardware used by the pro's to hack into Wireless Networks! (Keyloggers, Deauth Tools, Alfa Scanner etc.)

Blog Post

WiFi Hacking
Mobile Encryption Apps
Mobile Encryption Apps

Is WhatsApp safe? What about Telegram? There are dozens of mobile encryption apps...

List Review

Cyber Hacking
Password Cracking Tools
Password Cracking Tools

John The Ripper, Crowbar, L0phtcrack, Medusa, Rainbowcrack, THC Hydra and more!

List Review

Cyber Hacking
Kali Linux Developers
Meet The Kali Linux Developers

Meet the folks behind the Hacking Tools that make Kali Linux so damn awesome

Blog Post

N00b Hacking
OSCP Advice
How Difficult is OSCP? Get expert advice from those that passed!

We've interviewed over 25 Cybersecurity Professionals to ask them that exact question...

Blog Post

N00b Hacking
How To Hack WordPress 2020
How To Hack WordPress 2020

In this (constantly updated) resource we investigate ways to Hack WordPress

Blog Post

N00b Hacking
Pass CEH First Time
Pass CEH First Time: we ask experts in the field

Are you interested in passing CEH? If yes, read on, we have a ton of advice to share

Blog Post

N00b Hacking