Case study 3 – Denial of Service
Denial of Service (DoS) is an attack in which authorized personnel are denied access to a service when they need it. For example, the recently discovered vulnerability in HTTP.sys affecting the Internet Information Server (IIS), if exploited, could lead to a DoS condition, denying access to the vulnerable web server (CVE-2015-1635). In simpler terms, this is an attack against the availability of information.
In the past, many hacktivist groups and hackers have carried out Distributed DoS (DDoS) attacks for political and other reasons to prove a point, and these have made many headlines that speak for themselves, so I will not explain them here.
Let's take a look at a pretty standard DoS attack and analyze it via Wireshark.
SYN flood
A SYN flood is an attack in which an attacker sends a huge number of TCP frames with the SYN bit set to 1, indicating that he/she is trying to initiate a connection. However, when a server receives such...
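A defender's view of this pattern, as an added example that is not from the original text: it reads tshark field output and counts, per server endpoint, the SYNs that were never followed by the client's final ACK. The sample lines, the addresses, the capture file name and the thresholds are constructed assumptions.

```python
from collections import defaultdict

SYN, ACK = 0x02, 0x10  # TCP flag bits

# Constructed sample, tab-separated as produced by (capture.pcap is a placeholder):
#   tshark -r capture.pcap -T fields -e ip.src -e tcp.srcport \
#          -e ip.dst -e tcp.dstport -e tcp.flags
SAMPLE = "\n".join(
    # One legitimate client completing the three-way handshake.
    ["198.51.100.7\t40000\t192.0.2.10\t80\t0x0002",
     "192.0.2.10\t80\t198.51.100.7\t40000\t0x0012",
     "198.51.100.7\t40000\t192.0.2.10\t80\t0x0010"]
    # 200 SYNs from changing source ports, each answered with SYN/ACK, never ACKed.
    + [line for p in range(1024, 1224) for line in (
        f"203.0.113.5\t{p}\t192.0.2.10\t80\t0x0002",
        f"192.0.2.10\t80\t203.0.113.5\t{p}\t0x0012")]
)

def half_open_by_server(text):
    """Return {(server_ip, server_port): (syn_count, half_open_count)}."""
    pending = defaultdict(set)  # server -> client endpoints still awaiting final ACK
    syns = defaultdict(int)     # server -> number of client SYNs seen
    for line in text.splitlines():
        src, sport, dst, dport, flags = line.split("\t")
        flags = int(flags, 16)
        server, client = (dst, int(dport)), (src, int(sport))
        if flags & SYN and not flags & ACK:      # client SYN opens a handshake
            syns[server] += 1
            pending[server].add(client)
        elif flags & ACK and not flags & SYN:    # ACK without SYN completes it
            pending[server].discard(client)
    return {srv: (syns[srv], len(pending[srv])) for srv in syns}

def flag_syn_flood(stats, min_syns=100, ratio=0.8):
    """List servers where most SYNs never completed (thresholds are assumptions)."""
    return [srv for srv, (n, half) in stats.items()
            if n >= min_syns and half / n >= ratio]

if __name__ == "__main__":
    stats = half_open_by_server(SAMPLE)
    for srv, (n, half) in stats.items():
        print(srv, "SYNs:", n, "half-open:", half)
    print("flagged:", flag_syn_flood(stats))
```

The thresholds need tuning against a baseline of normal traffic, since busy servers and lossy links also produce some handshakes that never complete.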