1
00:00:14,750 --> 00:00:18,670
In the last lecture, we had an introduction to DoS, denial of service attack.

2
00:00:19,280 --> 00:00:26,810
So basically denial of service (DoS) is an attack on a computer network that reduces, restricts or prevents

3
00:00:26,810 --> 00:00:30,030
accessibility of system resources to legitimate users.

4
00:00:30,500 --> 00:00:38,450
So the first type of attack is UDP flood attack. An attacker sends spoofed UDP packets at a very

5
00:00:38,450 --> 00:00:46,550
high packet rate to a remote host on random ports of the target server using a large source IP range. Flooding

6
00:00:46,550 --> 00:00:51,680
of UDP packets causes the server to repeatedly check for nonexistent applications at the ports.

7
00:00:52,550 --> 00:00:59,820
Legitimate applications are inaccessible by the system, and it gives a reply with an ICMP destination unreachable

8
00:00:59,840 --> 00:01:00,270
packet.

9
00:01:01,340 --> 00:01:07,640
This attack consumes network resources and available bandwidth, exhausting the network, and it goes

10
00:01:07,640 --> 00:01:08,170
offline.

11
00:01:09,020 --> 00:01:11,660
The next is ICMP flood attack.

12
00:01:12,610 --> 00:01:19,690
Network administrators use ICMP primarily for IP operations, troubleshooting and error messaging of

13
00:01:19,690 --> 00:01:21,100
undeliverable packets.

14
00:01:22,120 --> 00:01:28,360
ICMP attack is a type of attack in which the attackers send large volumes of ICMP echo request packets to

15
00:01:28,750 --> 00:01:35,800
the victim system directly or through reflection networks. These packets signal the victim's system

16
00:01:35,890 --> 00:01:41,500
to reply, and the combination of traffic saturates the bandwidth of the victim's network connection, thereby

17
00:01:41,770 --> 00:01:49,090
causing it to be overwhelmed and subsequently stop responding to legitimate TCP/IP requests. To protect

18
00:01:49,090 --> 00:01:52,570
against ICMP flood attack, set a limit

19
00:01:52,870 --> 00:01:56,340
which, when exceeded, invokes the ICMP attack protection feature.

20
00:01:57,160 --> 00:02:01,660
The next is ping of death attack. In the ping of death attack,

21
00:02:01,870 --> 00:02:08,440
an attacker tries to crash, destabilize or freeze the targeted system or service by sending malformed

22
00:02:08,620 --> 00:02:15,010
or oversized packets using a simple ping command. For instance, the attacker sends a packet which is the

23
00:02:15,010 --> 00:02:19,180
size of sixty five thousand five hundred bytes to the target.

24
00:02:19,180 --> 00:02:26,560
The size of the packet exceeds the size limit prescribed by RFC 791 IP, which is sixty

25
00:02:26,560 --> 00:02:28,470
five thousand 535 bytes.

26
00:02:28,610 --> 00:02:32,080
And the packet which the attacker is sending is three bytes more.

27
00:02:32,620 --> 00:02:37,260
The reassembly process by the receiving system might cause the system to crash.

28
00:02:38,080 --> 00:02:40,210
The next is SYN flood attack.

29
00:02:40,900 --> 00:02:45,580
The attacker sends a large number of requests to a target server, that is, the victim,

30
00:02:45,790 --> 00:02:53,080
with fake source IP addresses. The target machine sends back a SYN-ACK in response to the request and waits

31
00:02:53,080 --> 00:02:55,150
for the ACK to complete the session

32
00:02:55,150 --> 00:03:02,980
setup. The machine does not get the response because the source address is fake. SYN flooding takes advantage

33
00:03:02,980 --> 00:03:07,300
of a flaw in the way most hosts implement the TCP three-way handshake.

34
00:03:07,510 --> 00:03:13,630
When the host receives the SYN from another host, it must keep track of the partially open connection

35
00:03:13,630 --> 00:03:16,480
in a listen queue for at least seventy five seconds.

36
00:03:17,170 --> 00:03:23,320
A malicious host can exploit the small size of the listen queue by sending multiple requests to the

37
00:03:23,320 --> 00:03:26,350
host, but never replying to the SYN-ACK.

38
00:03:27,130 --> 00:03:29,500
The victim's listen queue is quickly filled up.

39
00:03:30,190 --> 00:03:36,130
This ability of holding each incomplete connection for seventy five seconds can be cumulatively used as

40
00:03:36,130 --> 00:03:36,970
a denial of service.

41
00:03:36,970 --> 00:03:42,610
This is a simpler type of denial of service category, and the last is fragmentation

42
00:03:42,610 --> 00:03:49,150
attack. These attacks destroy a victim's ability to reassemble the fragmented packets by flooding it

43
00:03:49,150 --> 00:03:53,620
with TCP or UDP fragments, resulting in reduced performance.

44
00:03:54,160 --> 00:03:56,350
The attacker sends a large number of fragmented,

45
00:03:56,560 --> 00:04:01,840
that is fifteen hundred plus byte, packets to the target server, but at a relatively small packet rate.

46
00:04:02,320 --> 00:04:07,720
Since the protocol allows the fragmentation, these packets usually pass through the network equipment,

47
00:04:07,720 --> 00:04:13,810
routers, firewalls, IDS, IPS, etc., which remain uninspected.

48
00:04:14,290 --> 00:04:19,720
Reassembling and inspecting these large, fragmented packets consumes excessive resources.

49
00:04:20,150 --> 00:04:25,180
Moreover, the content in the packet fragments will be randomized by the attacker, which makes the

50
00:04:25,180 --> 00:04:28,780
process consume more resources, leading the system to crash.

51
00:04:29,350 --> 00:04:35,290
In the next lecture, we will see what is a botnet and how botnet is used for those attacks.