1. SPAMMING, SPOOFING, DOS & DDOS ATTACK
MUZAMMAL HUSSAIN MCF1601076
M SHARIAT ULLAH MCF1601070
SYED ALI MUJTABA MCF1600975
M SHAHBAZ SAHID MCF1601034
2. SPAMMING
• What is spam?
• Spam is flooding the Internet with many copies of the same message, in an
attempt to force the message on people who would not otherwise choose to
receive it.
• Most spam is commercial advertising, often for dubious products,
get-rich-quick schemes, or quasi-legal services.
• Spam costs the sender very little to send -- most of the costs are paid for by
the recipient or the carriers rather than by the sender.
3. • There are two main types of spam, and they have different effects on Internet
users.
• Cancellable Usenet spam is a single message sent to 20 or more Usenet
newsgroups. Through long experience, Usenet users have found that any
message posted to so many newsgroups is often not relevant to most or all
of them. Usenet spam is aimed at "lurkers", people who read newsgroups but
rarely or never post and give their address away. Usenet spam robs users of
the utility of the newsgroups by overwhelming them with a barrage of
advertising or other irrelevant posts.
4. • Email spam targets individual users with direct mail messages. Email
spam lists are often created by scanning Usenet postings, stealing Internet
mailing lists, or searching the Web for addresses. Email spams typically cost
users money out-of-pocket to receive. Many people - anyone with measured
phone service - read or receive their mail while the meter is running, so to
speak. Spam costs them additional money.
• One variant of email spam is sending spam to mailing lists (public or private
email discussion forums). Because many mailing lists limit activity to their
subscribers, spammers will use automated tools to subscribe to as many
mailing lists as possible, so that they can grab the lists of addresses, or
use the mailing list as a direct target for their attacks.
5. SPOOFING
• In the context of network security, a spoofing attack is a
situation in which a person or program successfully
masquerades as another by falsifying data, to gain an
illegitimate advantage.
6. TYPES OF SPOOFING
• IP Spoof
• Web Spoof
• E-mail Spoof
• Non Technical Spoof
7. IP SPOOFING
• The creation of IP packets with a forged source.
• Its purpose is to conceal the identity of the sender or to
impersonate another computing system.
8. USES OF IP SPOOFING
• Denial-of-service attack.
• To defeat network security.
9. DEFENSE AGAINST IP SPOOFING
• Packet filtering: one defense against IP spoofing.
• Ingress filtering
• Egress filtering
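A sketch of the two filter directions named on this slide, added here as an illustration and not part of the original deck. The site prefix (203.0.113.0/24), the bogon list and the sample packets are assumptions constructed for the example.

```python
import ipaddress

# Assumed site prefix and a short bogon list (constructed for this example).
INTERNAL = [ipaddress.ip_network("203.0.113.0/24")]
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]

def _in_any(addr, nets):
    return any(addr in net for net in nets)

def filter_packet(direction, src):
    """Return (verdict, reason) for a packet crossing the border router.

    direction "in"  = arriving from the Internet (ingress filter)
    direction "out" = leaving the site           (egress filter)
    """
    addr = ipaddress.ip_address(src)
    if direction == "in":
        # A packet from outside cannot legitimately carry one of our addresses.
        if _in_any(addr, INTERNAL):
            return "drop", "ingress: external packet claims an internal source"
        if _in_any(addr, BOGONS):
            return "drop", "ingress: source is not routable on the Internet"
        return "accept", "ingress: source is plausible"
    if direction == "out":
        # Only our own prefix may appear as the source of outbound traffic,
        # so hosts on this network cannot emit forged sources.
        if not _in_any(addr, INTERNAL):
            return "drop", "egress: source is outside the site prefix"
        return "accept", "egress: source belongs to the site"
    raise ValueError("direction must be 'in' or 'out'")

# Constructed sample packets: (direction, claimed source address).
SAMPLES = [("in", "198.51.100.7"), ("in", "203.0.113.9"), ("in", "10.1.2.3"),
           ("out", "203.0.113.9"), ("out", "198.51.100.7")]

if __name__ == "__main__":
    for direction, src in SAMPLES:
        print(direction, src, *filter_packet(direction, src))
```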
10. DEFENSE AGAINST IP SPOOFING
• Upper layers:
• Some upper layer protocols provide their own defense
against IP spoofing.
11. WEB SPOOFING
• It’s a security attack that allows an adversary to observe and
modify all web pages sent to the victim’s machine and
observe all information entered into forms by the victim.
• The attack is initiated when a victim visits a malicious web page
or receives a malicious email message. The attack is implemented
using JavaScript and Web server plug-ins.
12. DANGERS OF WEB SPOOFING
• After your browser has been fooled, the spoofed web
server can send you fake web pages or prompt you to
provide personal information such as login Id, password,
or even credit card or bank account numbers.
13. HOW TO PREVENT IT
• Don’t click links in emails; instead, always copy and
paste or, even better, manually type the URL in.
• When entering personal or sensitive information,
verify the URL is as you expect, and the site’s SSL
certificate matches that URL.
• Understand why you’re providing the information.
Does it make sense? Does the site need to know your
SSN?
14. EMAIL SPOOF
• E-mail spoofing is the forgery of an e-mail header so that
the message appears to have originated from someone or
somewhere other than the actual source.
15. EMAIL SPOOF PROTECTION
• Double-check the address of the email you are replying to, and make
sure that the letters are what they truly seem. For example,
l (lower case L) is not the same as I (upper case I).
• Look at the IP information in the email header. If an
email originated from inside your network, the sender
should have a very similar IP address.
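Both checks on this slide, applied to raw message headers, as an added example that is not part of the original deck. The organisation domain (example.com), the internal range (10.20.0.0/16) and the three sample messages are assumptions constructed for the illustration.

```python
from email import message_from_string
from email.utils import parseaddr
import ipaddress
import re

INTERNAL_DOMAIN = "example.com"                      # assumed organisation domain
INTERNAL_NET = ipaddress.ip_network("10.20.0.0/16")  # assumed internal range

def skeleton(domain):
    """Fold characters that look alike in many fonts (I/1 -> l, 0 -> o)."""
    return domain.replace("I", "l").replace("1", "l").replace("0", "o").lower()

def origin_ip(msg):
    """IP of the oldest hop. Relays prepend Received headers, so the last
    one is the oldest; headers below your own first relay can be forged."""
    for hop in reversed(msg.get_all("Received") or []):
        m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", hop)
        if m:
            return ipaddress.ip_address(m.group(1))
    return None

def check_message(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    findings = []
    if (domain.lower() != INTERNAL_DOMAIN
            and skeleton(domain) == skeleton(INTERNAL_DOMAIN)):
        findings.append("lookalike-domain")
    ip = origin_ip(msg)
    if domain.lower() == INTERNAL_DOMAIN and (ip is None or ip not in INTERNAL_NET):
        findings.append("internal-sender-external-origin")
    return findings

def _sample(from_addr, first_hop_ip):
    # Constructed message: an internal relay hop on top, the first hop below.
    return ("Received: from mx (mx [10.20.0.5]) by mbox.example.com\n"
            f"Received: from host (host [{first_hop_ip}]) by mx.example.com\n"
            f"From: Alice <{from_addr}>\nSubject: Invoice\n\nbody\n")

LEGIT = _sample("alice@example.com", "10.20.3.4")
SPOOFED = _sample("alice@example.com", "198.51.100.23")
LOOKALIKE = _sample("alice@exampIe.com", "198.51.100.23")

if __name__ == "__main__":
    for name, raw in (("legit", LEGIT), ("spoofed", SPOOFED), ("lookalike", LOOKALIKE)):
        print(name, check_message(raw))
```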
16. NON-TECHNICAL SPOOFING
• These non-computer based techniques are commonly
referred to as social engineering. With social engineering,
an attacker tries to convince someone that he is someone
else.
• This can be as simple as the attacker calling someone on
the phone saying that he is a certain person.
18. DoS Attacks:
An attacker can attack a network from a
distance, and therefore it is sometimes difficult to collect
evidence against the attacker.
Types:
• Physical Attack
• Network DoS Attack
Physical Attack:
This type of attack is very basic. It is based on radio
interference, which can be created even by cordless phones
that operate in the 2.4 GHz range.
19. Network DoS Attack:
Because the wireless access point (AP) creates a shared medium,
it is possible to flood that medium with traffic directed at the AP,
which slows its processing for the clients that attempt to connect.
Prevention:
• Change the SSID and the network password regularly.
• Change the default password of access points.
• Turn off guest networking.
• Update the firmware of your wireless device.
Pyloris is a popular DoS tool that you can download from
https://sourceforge.net/projects/pyloris/
20. DDoS Attacks:
A Distributed Denial of Service (DDoS)
attack is an attempt to make an online service or a website
unavailable by overloading it with huge floods of traffic
generated from multiple sources.
A large-scale volumetric DDoS attack can generate
traffic measured in tens of gigabits (and even hundreds of
gigabits) per second. We are sure your normal network will not
be able to handle such traffic.
Types of DDoS Attacks:
DDoS attacks can be broadly
categorized into three categories:
• Volume-based Attacks
• Protocol Attacks
• Application Layer Attacks
21. Volume-Based Attacks:
Here, an attacker tries to saturate the
bandwidth of the target site. The attack magnitude is
measured in Bits per Second (bps).
Protocol Attacks:
This type of attack consumes actual server
resources and other resources like firewalls and load
balancers. The attack magnitude is measured in Packets
per Second.
Application Layer Attacks:
Here the goal is to crash the web server. The
attack magnitude is measured in Requests per Second.
22. HOW TO FIX A DDOS ATTACK:
• Your DDoS protection starts with identifying and closing all
the possible OS and application level vulnerabilities in your
system, closing all the possible ports, removing unnecessary
access from the system and hiding your server behind a proxy
or CDN system.
• If you see a low-magnitude DDoS attack, you can find many
firewall-based solutions that can help you filter out DDoS
traffic. But if you face a high-volume DDoS attack, in the
gigabits or even more, then you should take the help of a
DDoS protection service provider.