DOS attack methods and Solutions

DoS (Denial of Service Attack): stops your service by crashing your service computer or pressing it across. To put it simply, it is to make your computer provide more services, so that your computer can be stuck on the verge of crash or crash. The following common methods are available for DoS Attacks:
1. Death ping uses many TCP/IP implementations to believe that ICMP packets are correctly organized and that they perform too little error verification on these packets. Spread by generating malformed ICMP response request packets that claim their size exceeds the possible upper limit. The maximum package size is 65535 bytes, claiming that the size of the 65500 bytes package is heavy rain due to memory allocation error, the TCP/IP implementation will crash. Solution: correctly configuring the operating system and firewall, and blocking ICMP and any unknown protocols can prevent such attacks.

2. teardrop attacks use the information contained in the header of the packet that trusts the IP fragment in the TCP/IP stack implementation to achieve their own attacks, that is, some potential vulnerabilities in the segment re-assembly process in TCP/IP implementations are exploited. Solution: Apply the latest service packages to the server, or reorganize segments when setting the firewall, instead of forwarding them.

3. UDP flood uses simple TCP/IP Services such as CHARGEN and ECHO to transmit useless data that occupies full bandwidth. Solution: disable unnecessary TCP/IP Services and configure the firewall to block UDP requests from the Internet.

4. SYN flood attacks using TCP connection mechanisms. Solution: filter the subsequent connections from the same host on the firewall, and determine based on the actual situation.

5. when Land attacks use Land attacks, the original address and target address of a special SYN Packet are set to a server address, this will cause the receiving server to send a SYN-ACK message to its own address, and the address returns the ACK message and creates an empty connection, each of which will be retained until timeout, solution: install the latest patch.

6. smurf attacks: smurf attacks are implemented by setting the reply address to the ICMP Response Request Packet of the broadcast address of the affected network to drown out the affected host, eventually, all hosts on the network will reply to this ICMP Response Request, resulting in network congestion. Solution: remove the ICMP service.

7. Fraggle attacks make simple changes to Smurf attacks, using UDP response messages instead of ICMP solutions: filter out UDP response messages

8. Email bombs are also commonly used in simple ways. Hackers can flood it by repeatedly sending the same large email file to your email server. Solution: configure the email address appropriately.

9. malformed message attacks many services on various operating systems will crash if they receive malformed information, as these services cannot be properly checked for errors before processing the information. Solution: Install the latest service patch.