Physical Security

Denial of Service

  • DoS attacks represent one of the biggest threats on the Internet. DoS attacks might target a user or an entire organization and can affect the availability of target systems or the entire network.
  • DoS attacks can be categorized into three broad categories: bandwidth consumption, resource starvation, and programming flaws.
  • Smurf Exploits Internet Control Message Protocol (ICMP) by sending a spoofed ping packet addressed to the broadcast address with the source address listed as the victim.
  • SYN flood A SYN flood disrupts Transmission Control Protocol (TCP) by sending a large number of fake packets with the SYN flag set. This large number of half open TCP connections fills the buffer on a victim's system and prevents it from accepting legitimate connections.
  • One of the distinct differences between DoS and DDoS is that a DDoS attack consists of two distinct phases. First, during the pre-attack, the hacker must compromise computers scattered across the Internet and load software on these clients to aid in the attack. The second phase is the attack.
  • Tracking the source of a DDoS attack is difficult because of the distance between the attacker and victim.

    Table FF.7. DDoS Types and Protocols

    DDoS Tool

    Attack Method

    Trinoo

    UDP

    TFN

    UDP, ICMP, TCP

    Stacheldrach

    UDP, ICMP, TCP

    TFN2K

    UDP, ICMP, TCP

    Shaft

    UDP, ICMP, TCP

    Mstream

    TCP

    Trinity

    UDP, TCP

  • Egress filtering can be performed by the organization's border routers to reduce the threat of DDoS.

Social Engineering

Part I: Exam Preparation

The Business Aspects of Penetration Testing

The Technical Foundations of Hacking

Footprinting and Scanning

Enumeration and System Hacking

Linux and Automated Security Assessment Tools

Trojans and Backdoors

Sniffers, Session Hijacking, and Denial of Service

Web Server Hacking, Web Applications, and Database Attacks

Wireless Technologies, Security, and Attacks

IDS, Firewalls, and Honeypots

Buffer Overflows, Viruses, and Worms

Cryptographic Attacks and Defenses

Physical Security and Social Engineering

Part II: Final Review

Part III: Appendixes

Appendix A. Using the ExamGear Special Edition Software



Certified Ethical Hacker Exam Prep
Certified Ethical Hacker Exam Prep
ISBN: 0789735318
EAN: 2147483647
Year: 2007
Pages: 247
Authors: Michael Gregg

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net