2.  The world today is heavily dependent on the internet.
    Denial of service attacks (DoS) are very common today.
    “In each of the last six years, between seventeen percent and thirty-two percent of the organizations surveyed were the targets of a DoS attack.” -Computer Security Institute
    Costs businesses and governments millions of dollars each year to prevent and recover from the attacks.
3.  An attack that attempts to stop or prevent a legitimate user from accessing a service or system.
    The attacker will either directly attack the user's network or system, or the system or service that the users are attempting to access.
    Distributed denial of service attack (DDoS):
    ◦ This type of attack is distributed among many different systems, making it more powerful and harder to shut down.
4.  Unusually slow network performance, unavailability of a particular website, inability to access any website, and dramatic increase in the amount of spam you receive.
    Symptoms could stem from hardware or software problems and be mistaken for a DoS.
    Users can take steps to prevent becoming part of a botnet:
    ◦ Install and use anti-virus software
    ◦ Set up a firewall to protect your system from unauthorized access
    ◦ Use common sense security practices to avoid malware, trojans and viruses
5.  Nicknamed “Smurf attack” after a program used to make ICMP flooding attacks.
    This attack works by sending fake ICMP echo request packets to the network's broadcast address.
    The attacker will send an ICMP echo request from a location outside the victim’s network to an intermediary, who then passes it on to their network's broadcast address.
    When all machines on the network send a reply packet back, it creates severe problems.
6.  This type of attack takes advantage of the SYN request process.
    ◦ Client attempts a TCP connection by sending a SYN request to the server
    ◦ Server responds by sending a SYN-ACK message back
    ◦ Client then completes the request by sending an ACK message to the server
    Attacker takes advantage of this process by flooding the server with SYN requests and never responding to SYN-ACK.
    ◦ Attacker can use spoofed IP addresses; the SYN-ACK goes to the faked address
    The server is left waiting for the ACK message and leaves many connections open.
    Legitimate requests are ignored.
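Added example (not part of the original slides): a detection sketch for the half-open connection pattern described above, which counts handshakes that received a SYN but never the final ACK, per listening address and port. The function names, thresholds and the packet records (built from documentation address ranges) are assumptions made for illustration.

```python
from collections import defaultdict

def syn_flood_suspects(events, min_half_open=100, max_completion=0.2):
    """Return {(dst, dport): stats} for listeners that look SYN-flooded.

    events: (src, sport, dst, dport, flag) tuples in capture order,
    flag being 'SYN' or 'ACK' as sent by the client side.
    Thresholds are illustrative assumptions, not recommended values.
    """
    pending = set()  # handshakes still waiting for the client's final ACK
    stats = defaultdict(lambda: {"syn": 0, "completed": 0})
    for src, sport, dst, dport, flag in events:
        conn = (src, sport, dst, dport)
        if flag == "SYN":
            if conn not in pending:  # a retransmitted SYN is not a new attempt
                pending.add(conn)
                stats[(dst, dport)]["syn"] += 1
        elif flag == "ACK" and conn in pending:
            pending.discard(conn)
            stats[(dst, dport)]["completed"] += 1
    suspects = {}
    for listener, s in stats.items():
        half_open = s["syn"] - s["completed"]
        ratio = s["completed"] / s["syn"]  # syn >= 1 for every listener seen
        if half_open >= min_half_open and ratio <= max_completion:
            suspects[listener] = {**s, "half_open": half_open}
    return suspects

def constructed_capture():
    """Constructed sample: 3 normal clients, then 200 SYNs that are never ACKed."""
    web = ("192.0.2.10", 80)
    mail = ("192.0.2.20", 25)
    events = []
    for i in range(3):
        client = ("198.51.100.%d" % (i + 1), 40000 + i)
        for listener in (web, mail):
            events.append(client + listener + ("SYN",))
            events.append(client + listener + ("ACK",))
    for i in range(200):
        spoofed = ("203.0.113.%d" % (i + 1), 1024 + i)
        events.append(spoofed + web + ("SYN",))
    return events

if __name__ == "__main__":
    for listener, s in syn_flood_suspects(constructed_capture()).items():
        print(listener, s)
```

Only the web listener is reported, because the mail listener completed every handshake it started.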
7.  Attacks are illegal and break the terms of service of most ISPs.
    In the United States, these crimes are covered at the federal level by the Computer Fraud and Abuse Act.
    In 2006, the U.K. finally passed a specific law calling out DoS attacks as illegal.
    ◦ Punishable by up to 10 years in prison
    Laws are ambiguous and often open to interpretation.
    Attacks are seen by some, such as Anonymous, as legal forms of protest.
    Distributed forms of attack are hard to prosecute.
    ◦ Attackers are often outside the jurisdiction of the victim’s country
8.  Attacks are being used by governments against other governments.
    The next major war will most likely see the use of DoS attacks.
    United States and Iran have traded blows recently over Iran’s nuclear program.
    ◦ Attacks against major US banks in January 2013 are suspected to have come from Iran
    Russian conflict with Georgia over South Ossetia in 2008.
    ◦ Georgian systems suffered major DoS attacks while Russian troops intervened in South Ossetia
    China has used attacks to target Chinese human rights organizations.