In the last several years, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks have become one of the most critical threats to internet security, even though they are easily accomplished by intruders. Proven, practicable attack software is even available on the Internet. To get rid of this attack, we first have to know its consequences.

Typically, an internet connection is established using a method named the 'three-way handshake'. Following this protocol, the client PC first sends a connection request (SYN); on receiving this request, the server PC responds by sending an acknowledgement of approval (SYN_ACK) message to the client PC. Lastly, the client PC also sends an acknowledgement (SYN_ACK) message to the server, telling it, "I got the message, thank you", and then, if everything is all right, the connection is established. In a DoS attack, a person, whether inside or outside a network, makes services unavailable by overflowing the network system that normally provides them.

DoS intrusion causes server overrun and resource consumption. This may often prevent the server from responding to actual clients. It may spoil the whole network infrastructure. There are several kinds of DoS attacks.

The following are some examples. The Smurf attack is one of the most recent DoS strokes on hosts at the network level. In this case, a thug generates a huge number of ICMP ping requests (datagrams) with fake source addresses and sends them to the IP broadcast address of a network, that is, the broadcast addresses of remote LANs. The routers/switches (layer 3) then broadcast these requests to layer 2 broadcast addresses. Most of the hosts connected to the network will then send a reply for each echo. Thus, the network is overwhelmed by fake echoes multiplied by the number of connected hosts.

Normally the attacker uses the largest packets (up to the Ethernet maximum) to ensure terrible damage to the target network. Fraggle is another DoS attack, which follows the same process as the Smurf attack; it just sends UDP echo packets in place of ICMP. This invasion can be very serious because of the 'stateless' property of UDP: there is no acknowledgement mechanism in this protocol, which makes UDP favorable for DoS attacks.

The attacker swamps the network with UDP packets. Because there is no such mechanism, the receiver can't identify the fake requests. The ping of death attack follows the same mechanism but from a new angle: it sends ping requests using over-sized packets. Normally, TCP/IP's Maximum Transmission Unit (MTU), i.e. the maximum packet size, is 65,536 octets (as per CISCO). As a result of over-sized pings, the routing device keeps rebooting perpetually or may freeze up, causing a total crash.

'Tribe Flood Network'/'Tribe Flood Network 2000' (TFN/TFN2K) is more complicated than the previous DoS attacks. Alternatively, it is named 'IP Spoofing'.

It is capable of initiating synchronized DoS attacks from multiple sources against multiple target devices. It accomplishes the violation by presenting itself under an IP address of a network to other IP addresses that are within its scope. In this manner, it misleads the network system by using an approved or trusted internal/external IP address and does massive destruction. Stacheldraht is a Distributed DoS (DDoS) program, which is actually an assortment of DoS methodologies.

It integrates the TFN attack processes along with UDP, TCP/IP and ICMP overflow and the Smurf attack. Starting with a huge invasion at the very root level, it encrypts almost every communication between the server (root), client or any other host in a network. It was written based on the TFN tool to be used only on Linux/Solaris systems, but now it is used on any platform by modifying its source code. The scope for describing this attack is limited in this article, as it requires a vast explanation to understand this intrusion.

See, you are in great danger now! Anyone can destroy your work in just a second, no doubt about that! No worry, accidents happen! Let's try some preventive measures to protect valuable information and to have flawless communication. It is not possible to stop communications with all outside-world connections.

So, first of all, ensure basic traffic filtering. You can keep unexpected forays to a minimum by using traffic filtering at your end. Firewall-protected networks are much safer than others. ISPs need to monitor the network closely and review protocols to confirm an authenticated communication path. Find solutions to mitigate buffer overloading and other compulsions. Before maneuvering the system, scan the whole network architecture considering all kinds of intrusions.

Maintain a solid and well-managed mitigation policy. Make sure the router is well protected by implementing filters on it. Contact your ISP about this to ensure security before doing business through the network. To prohibit unauthorized access, implement mechanisms like Network Address Translation (NAT), Access Lists (ACLs), etc.

NAT decreases the overwhelming number of IP addresses required for a networked environment by concealing certain IP address space. Thus, it lessens the opportunity for Smurfing or IP spoofing. An access list controls which addresses are allowed to connect to the network and which aren't. These lists are the orthodox means of preventing IP spoofing, Smurf attacks, DoS TCP/IP floods and DoS ICMP floods, and of doing any kind of traceroute filtering. To restrict a Smurf or Fraggle attack, configure the router to block broadcast packets originating outside of the network. There are slight variations in the router configuration commands.

By default, though, almost every recent router inhibits these broadcasts. Unicast Reverse Path Forwarding (uRPF) is a method that can drop IP packets containing a fake source address. It can work in either strict or loose mode, though its level of rigidity varies from router to router. Also, don't forget to configure the ACLs so that, if uRPF fails, the ACL can handle it.
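
The filtering order described above (block outside broadcasts, then uRPF, then the ACL as a backstop) can be modelled in a few lines. This is an added example, not code from the original article or from any router vendor; the forwarding table, interface names, subnets and ACL ranges are all constructed assumptions.

```python
import ipaddress

# Constructed forwarding table: prefix -> interface the router would use to reach it.
FIB = {
    ipaddress.ip_network("10.1.0.0/16"): "inside",
    ipaddress.ip_network("198.51.100.0/24"): "peer",
    ipaddress.ip_network("203.0.113.0/24"): "upstream",
}
# Constructed inside subnets whose broadcast addresses outsiders must not reach.
INSIDE_SUBNETS = [ipaddress.ip_network("10.1.1.0/24"), ipaddress.ip_network("10.1.2.0/24")]
# Constructed fallback ACL: source ranges that should never arrive on the upstream link.
ACL_DENY_UPSTREAM = [ipaddress.ip_network(n) for n in
                     ("10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def best_route(addr):
    """Longest-prefix match over FIB; returns the interface name or None."""
    matches = [(net, ifc) for net, ifc in FIB.items() if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None


def urpf_pass(src, in_if, mode):
    """Strict: the route back to src must use the arrival interface. Loose: any route."""
    route_if = best_route(src)
    if route_if is None:
        return False                      # no route to the source at all: both modes drop
    return route_if == in_if if mode == "strict" else True


def filter_packet(src, dst, in_if, mode="strict"):
    """Return 'forward', or 'drop: <reason>' naming the check that rejected the packet."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Smurf/Fraggle control: no broadcast-addressed packets from outside the network.
    if in_if != "inside" and any(d == n.broadcast_address for n in INSIDE_SUBNETS):
        return "drop: directed broadcast"
    if not urpf_pass(s, in_if, mode):
        return "drop: uRPF"
    # ACL backstop for spoofed sources that loose-mode uRPF lets through.
    if in_if == "upstream" and any(s in n for n in ACL_DENY_UPSTREAM):
        return "drop: ACL"
    return "forward"
```

An inside source address arriving on the upstream link passes loose-mode uRPF here because a route to it exists, and it is the ACL that drops it.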

There are other monitoring techniques, such as customer/peer notification, sinkholes, rate limiting, the backscatter technique, blackhole filtering, NetFlow monitoring, advanced BGP filtering, etc. Your task is easy. Only make sure you are not the victim!