Strategy and overview of wireless DDoS attack in LAN

With the development of computer network technology, Wireless LAN has become a high-speed development of wireless communication technology in the computer network to achieve communication mobility, personalization and multimedia applications. However, because the transmission media of wireless communication is the air with no entity protection, the data sent by wireless can reach all the terminals within the coverage range, or it is an unexpected receiving device, which provides more and more covert attack opportunities for malicious users such as hackers. Among all kinds of attacks on wireless networks, distributed Denial-of-service DDoS (Distributeddenialofservice) attacks are the first choice of hacker attacks with the features of good concealment and strong destruction. This article will make an overview of various wireless network DDoS attack methods.

A brief introduction of DDoS

DoS (denialofservice) Denial of service attacks are technologies that deny users or clients access to specific systems and network resources. The implementation can take advantage of an operating system or software vulnerability, or use a very large number of legitimate requests, resulting in excessive resource consumption or collapsing resources to achieve denied access to resources. The full name of the DDoS is distributeddenialofservice (distributed denial of service), and many Dos attack sources attack a server together to form a DDoS attack. DDoS can be traced back to early 1996, in China in 2002 began to appear frequently, 2003 has begun to take shape.

DDoS attack is a kind of attack method based on traditional Dos attack. A single Dos attack is usually a one-to-one approach, when the target is low CPU speed, memory small or small network bandwidth and other performance indicators are not high, its effect is more obvious. With the development of computer and network technology, the rapid growth of the processing power of computers, the significant increase in memory, and the emergence of gigabit networks have increased the difficulty of Dos attacks because of the increased ability of the target to handle malicious attack packs, if the attacker could send 3,000 attack packs per second, However, the attacker's host and network bandwidth can handle 10,000 attack packs per second, so the attack will not have any effect. This is when distributed denial of service attacks (DDoS) appear.

In general, the architecture of a typical DDoS attack can be divided into four parts: An attacker, a master, an attack aircraft, and a victim. The attacker controls a large number of attackers through the main control machine, the control or partial control of a fighter can be uploaded to these platforms, which run like normal programs and wait for instructions from an attacker, often using various means to hide themselves from being discovered. In peacetime, there is nothing unusual about these machines, and once an attacker connects to them and gives instructions, the attack is launched. This attack is very covert, because in order to find the real attackers must first detect the attack aircraft, and then according to the attacker's log and other files to find the upper level of the controller, level until the attacker to find. It is not easy for an attacker to quickly and cleanly erase files (such as log files) that record an attack on a large number of attackers, but it is very simple to remove these records from a small number of master machines to avoid being discovered. Hackers take advantage of the current high-speed network, as well as various operating system vulnerabilities and flaws, while controlling a large number of dummy computers, and then at the same time using the puppet computer to attack target attacks, fast consumption of target bandwidth and CPU time, thereby causing the denial of service to legitimate users. Attacking a large number of dummy computers from different addresses on the network is not only devastating but also difficult to defend against and track down. In particular, the current wireless network, due to its inherent protocol defects and access point concealment and other characteristics, more vulnerable to malicious attacks.

This article comes from the Http://www.mkddos.com/zixun/2012/1101/21.html DDoS Group specializes in providing DDoS attackers, DDoS attack software, DDoS attack tools and tutorials, as well as traffic attackers, web site attackers to download