As confidential information flows through networks, the security of communications has become an important concern for users and businesses, this is why everyone is looking for ways to protect themselves against fraudulent use of their data or malicious intrusions into computer systems.
Denial of Service (DoS) is one of the common attacks nowadays, it is an attack that aims to make a computer application unable to answer the users requests. The main goal behind this kind of attacks is to crash servers or to slow them down to cause financial damages to companies.
How Does DoS works? To attack a machine, a hacker just needs to know the IP address of the target machine, onces he gets this address he can launch the attack in several ways, for example by sending many Ping requests that exceed the maximum size of a normal Ping request which is 65,536 bytes , and since the sent data are larger than what the target server can hold, the server will end up with crashing. (This attack is known as the Ping of Death).
We can also use ping flooding attack to slow down the target server by sending multiple ping requests to the target server.
We can launch a ping flooding attack by executing the following java program:
import java.io.*; public class DoSAttack { public static void main(String[] args) { String command = "sudo ping 192.168.1.1 -l 65500"; try { Process p = Runtime.getRuntime().exec(command); p.getOutputStream(); p.getInputStream(); p.getErrorStream(); } catch (IOException e) { e.printStackTrace(); System.exit(-1); } } }
We can also start a ping flooding attack by using a terminal in Linux (cmd in Windows) and executing the command sudo ping 172.28.172.29 -l 65500
as shown bellow :
To see the changes on the target machine we can use the monitor system on Linux (or the task manager on windows), the image bellow shows the changes that we see on the monitor system of ubuntu of the target machine.
There is also a variety of tools that allow to perform a Denial of Service attack, one of this tools is Nemesy, it is a tool that is used to generate random packets of a specified size and be sent to a specific IP address. The picture bellow shows how we can use Nemesy.
- Number is to indicate the number of packets that we want to send ( here 0 means infinity )
- The Size field specifies the data bytes to be sent.
- The Delay specifies the time interval in milliseconds.
Onces we start sending packets by clicking on the send button we will get the following interface.
- The title bar shows the number of packets already sent.
- The halt button is used to stop the program from sending data packets.
Now you know how to launch a DoS attack 😈😉 .