Lectures_SSD2_Yermakova / Lectures_SSD2 Yermakova.doc
Added: 25.02.2016

Network Connectivity

To tie up the network connectivity of a target machine, an intruder can initiate a half-open connection to it. The target machine starts the connection process and waits for the intruder's bogus connection to be completed. While it is waiting, it is blocking other legitimate connections. This attack can even be launched over a dial-up modem connection against a high-speed network system.

An example of this type of attack is the SYN flood attack.

Network Bandwidth

One common attack on the target system's network bandwidth is to generate an excessive amount of traffic on that network. This attack is also known as network flooding. An example of a network bandwidth attack is the Smurf attack. The Smurf attack is launched using the Ping command. (You can perform a Ping request by going to the Command console and typing in "ping [IP address or host name]". The machine you pinged replies by sending the echo message back to you.)

In a Smurf attack, the intruder sends ping commands repeatedly using the victim's address as the return address. When the Ping command is broadcast to multiple hosts on the target system's local network, all the machines receiving the Ping request will reply to the innocent, spoofed target system for each Ping command. This causes the target system's network to be flooded with ping replies. If there are enough packets flooding the network, the spoofed host will no longer be available to receive or distinguish legitimate traffic. Its services are rendered unavailable.

The diagram below illustrates a Smurf attack.

Figure 1 Smurf attack
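A defender watching the victim's network edge can recognize this pattern, because the victim receives echo replies it never requested from many hosts at almost the same time. The Python code below is an added example, not part of the original lecture; the packet-record format, the thresholds, and the sample addresses are constructed assumptions.

```python
from collections import defaultdict

ECHO_REQUEST, ECHO_REPLY = 8, 0  # ICMP type numbers

def find_smurf_victims(packets, window=1.0, min_sources=3):
    """Return {victim_ip: sorted reflector IPs} for hosts that receive echo
    replies they never requested from many distinct sources within `window`
    seconds.

    packets: time-ordered iterable of (timestamp, src_ip, dst_ip, icmp_type),
    as seen by a sensor on the victim's side of the network (assumption).
    """
    requested = set()                # (requester, target) pairs that were pinged
    unsolicited = defaultdict(list)  # victim -> [(timestamp, reflector)]
    for ts, src, dst, icmp_type in packets:
        if icmp_type == ECHO_REQUEST:
            requested.add((src, dst))
        elif icmp_type == ECHO_REPLY and (dst, src) not in requested:
            # A reply with no matching request: dst never pinged src.
            unsolicited[dst].append((ts, src))

    victims = {}
    for victim, events in unsolicited.items():
        for i, (start, _) in enumerate(events):
            # Distinct reflectors answering within one window from this reply.
            sources = {s for t, s in events[i:] if t - start <= window}
            if len(sources) >= min_sources:
                victims[victim] = sorted(sources)
                break
    return victims

# Constructed sample traffic (documentation address ranges, not real hosts).
SAMPLE = [
    (9.00, "192.0.2.20", "203.0.113.5", ECHO_REQUEST),  # legitimate ping
    (9.02, "203.0.113.5", "192.0.2.20", ECHO_REPLY),    # and its expected reply
] + [
    # Five hosts on one network all "reply" to a host that never pinged them.
    (10.0 + i / 100, f"198.51.100.{i}", "192.0.2.10", ECHO_REPLY)
    for i in range(1, 6)
]

if __name__ == "__main__":
    for victim, reflectors in find_smurf_victims(SAMPLE).items():
        print(f"{victim}: unsolicited echo replies from {len(reflectors)} hosts")
```

The host that sent its own ping is not flagged, because its reply matches a request the sensor saw earlier.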

Other Resource Consumption Attacks

An intruder may also attempt to stall a system by attacking other components including CPU cycles, memory, and disk space using malicious programs. Recall that viruses, worms, and Trojan horses are programs. Executing these programs consumes CPU cycles, memory, and disk space. These malicious programs can copy themselves repeatedly to exhaust your CPU cycles, memory, and disk space.

Another way to consume disk space is by spamming an email server, generating excessive numbers of email messages. For instance, when 80% of your email storage is filled with spam mails, disk space needed to store legitimate emails will be limited. An intruder can also devise ways to cause the system to generate error messages that need to be written to disk continuously. When data is continuously written to disk with no limits on the amount of data that can be written, the system will eventually run out of disk space and become unable to perform other functions.

The number of ways in which an intruder can tie up your system resources is almost unlimited. The speed and impact of an attack can also be increased exponentially when the intruder uses multiple computers to launch the same attack.

Distributed Denial of Service Attack

A distributed denial of service (DDoS) attack can be more destructive than a DoS attack. A DDoS attack is usually launched using multiple computers to attack one victim computer. In a DDoS attack, the intruder compromises a few computers to act as the control centers, also known as "handlers" or "masters." The intruder also installs "agents" (frequently through a Trojan horse program) that run on other compromised computers. These agents are also known as "zombies" or "slaves." Each handler computer controls a group of agent computers. Intruders who use a DDoS attack are harder to identify because many more computers are involved, and the handler-agent tactic adds another level of complexity when tracing back to the intruder who first initiated the attack.

To initiate a DDoS attack, each handler computer commands its agent computers to flood the target system by sending out data packets to the target system simultaneously. When the target system's network bandwidth is flooded, legitimate network traffic will be unable to pass through, causing the network to be unavailable. When connected to a network, your computer can be used either as a handler computer or an agent computer to attack other computer systems. These attacks may have been used on major e-commerce sites such as Yahoo.com and eBay.com.

Read the story, "Cyber assaults hit Buy.com, eBay, CNN and Amazon".

Below is an illustration of a DDoS attack.

Figure 2 DDoS attack