Page 215 - DCAP403_Operating System
network security threat is the infamous ping of death, where an attacker sends a system ICMP
packets that exceed the maximum capacity. Most of these attacks can be prevented by upgrading
vulnerable software or filtering specific packet sequences.
Resource attacks are the second category of network security threats. These types of attacks are
intended to overwhelm critical system resources such as CPU and RAM. This is usually done by
sending multiple IP packets or forged requests. An attacker can launch a more powerful attack
by compromising numerous hosts and installing malicious software. The result of this kind of
exploit is often referred to as zombies or a botnet. The attacker can then launch subsequent attacks from
thousands of zombie machines to compromise a single victim. The malicious software normally
contains code for sourcing numerous attacks and a standard communications infrastructure to
enable remote control.
Denial of Service Attack
On a modern time-sharing computer, any user takes some time and disk space, which is then not
available to other users. By “denying service to authorized users”, we mean gobbling unreasonably
large amounts of computer time or disk space, for example:
1. By sending large amounts of junk e-mail in one day, a so-called “mail bomb”. Email
bombing refers to sending a large number of emails to the victim resulting in the victim’s
email account (in case of an individual) or mail servers (in case of a company or an email
service provider) crashing. In one case, a foreigner who had been residing in Shimla, India,
for almost thirty years wanted to avail of a scheme introduced by the Shimla Housing
Board to buy land at lower rates. When he made an application it was rejected on the
grounds that the scheme was available only for citizens of India. He decided to take
his revenge. Consequently he sent thousands of mails to the Shimla Housing Board and
repeatedly kept sending e-mails till their servers crashed.
2. By having the computer execute a malicious program that puts the processing unit into an
infinite loop.
3. By flooding an Internet server with bogus requests for webpages, thereby denying
legitimate users an opportunity to download a page and also possibly crashing the server.
This is called a Denial of Service (DoS) attack. This involves flooding a computer resource
with more requests than it can handle. This causes the resource (e.g. a web server) to crash
thereby denying authorized users the service offered by the resource. Another variation
on a typical denial of service attack is known as a Distributed Denial of Service (DDoS)
attack wherein the perpetrators are many and are geographically widespread. It is very
difficult to control such attacks. The attack is initiated by sending excessive demands to the
victim’s computer(s), exceeding the limit that the victim’s servers can support and making
the servers crash. Denial-of-service attacks have had an impressive history having, in the
past, brought down websites like Amazon, CNN, Yahoo and eBay.
DoS (Denial-of-Service) attacks are probably the nastiest, and most difficult to address. These are
the nastiest, because they’re very easy to launch, difficult (sometimes impossible) to track, and
it isn’t easy to refuse the requests of the attacker, without also refusing legitimate requests for
service.
Such attacks were fairly common in late 1996 and early 1997, but are now becoming less
popular.
LOVELY PROFESSIONAL UNIVERSITY