1)SMURF:- IT IS A DOS ATTACK INVOLVING FORGED ICMP PACKETS SENT TO A BROADCAST ADDRESS. ATTACKERS SPOOF THE SOURCE ADDRESS ON ICMP ECHO REQUESTS AND SEND THEM TO AN IP BROADCAST ADDRESS. THIS CAUSES EVERY MACHINE ON THE BROADCAST NETWORK TO RECEIVE THE REQUEST AND RESPOND BACK TO THE SOURCE ADDRESS THAT WAS FORGED BY THE ATTACKERS.
A)AN ATTACKER SENDS AN ICMP PACKET WITH A FORGED SOURCE ADDRESS AND THE BROADCAST ADDRESS AS THE DESTINATION.
B)ALL THE MACHINES ON THE SEGMENT RECEIVE THE BROADCAST AND REPLY TO THE FORGED SOURCE ADDRESS.
C)THIS RESULTS IN DOS DUE TO HIGH NETWORK TRAFFIC.
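DETECTION SIDE OF STEPS A TO C, AS AN ADDED EXAMPLE THAT IS NOT PART OF THE ORIGINAL POST: IT FLAGS ECHO REQUESTS ADDRESSED TO A LOCAL BROADCAST ADDRESS AND BURSTS OF ECHO REPLIES FROM MANY HOSTS TO ONE ADDRESS. THE PACKET RECORDS, SUBNET, THRESHOLDS AND FUNCTION NAMES ARE CONSTRUCTED FOR ILLUSTRATION.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records: (timestamp_s, src, dst, icmp_type)
# ICMP type 8 = echo request, type 0 = echo reply
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed protected segment
PACKETS = [
    (0.00, "198.51.100.7", "192.0.2.255", 8),  # request to directed broadcast
    (0.01, "192.0.2.10", "198.51.100.7", 0),   # every host on the segment answers
    (0.01, "192.0.2.11", "198.51.100.7", 0),
    (0.02, "192.0.2.12", "198.51.100.7", 0),
    (0.02, "192.0.2.13", "198.51.100.7", 0),
    (5.00, "203.0.113.5", "192.0.2.10", 8),    # ordinary unicast ping
    (5.01, "192.0.2.10", "203.0.113.5", 0),
]

def broadcast_echo_requests(packets, nets):
    """Amplifier-side check: echo requests sent to a local broadcast address."""
    bcasts = {str(n.broadcast_address) for n in nets} | {"255.255.255.255"}
    return [(ts, src, dst) for ts, src, dst, t in packets
            if t == 8 and dst in bcasts]

def reply_floods(packets, window=1.0, min_sources=3):
    """Victim-side check: many distinct hosts sending echo replies to one
    address within `window` seconds. Returns {address: distinct sources}."""
    by_dst = defaultdict(list)
    for ts, src, dst, t in packets:
        if t == 0:
            by_dst[dst].append((ts, src))
    flagged = {}
    for dst, replies in by_dst.items():
        replies.sort()
        for i, (start, _) in enumerate(replies):
            sources = {s for ts, s in replies[i:] if ts - start <= window}
            if len(sources) >= min_sources:
                flagged[dst] = max(flagged.get(dst, 0), len(sources))
    return flagged

if __name__ == "__main__":
    print("broadcast echo requests:", broadcast_echo_requests(PACKETS, LOCAL_NETS))
    print("reply floods:", reply_floods(PACKETS))
```

THE ADDRESS REPORTED BY THE SECOND CHECK IS THE FORGED SOURCE, WHICH IS THE ACTUAL VICTIM OF THE TRAFFIC.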
2)WIN NUKE:- IT WORKS BY SENDING A PACKET WITH "OUT OF BAND" DATA TO PORT 139 OF THE TARGET HOST. FIRST OFF, PORT 139 IS THE NETBIOS PORT AND DOES NOT ACCEPT PACKETS UNLESS THE OOB FLAG IS SET IN THE INCOMING PACKET. OOB STANDS FOR OUT OF BAND. WHEN THE VICTIM'S MACHINE ACCEPTS THIS PACKET, IT CAUSES THE COMPUTER TO CRASH WITH A BLUE SCREEN. BECAUSE THE PROGRAM ACCEPTING THE PACKETS DOES NOT KNOW HOW TO APPROPRIATELY HANDLE OUT OF BAND DATA, IT CRASHES.
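A DETECTION CHECK FOR THE TRAFFIC DESCRIBED ABOVE, AS AN ADDED EXAMPLE THAT IS NOT PART OF THE ORIGINAL POST: IN TCP, OUT OF BAND DATA IS SIGNALLED BY THE URG FLAG IN THE HEADER, SO THE CHECK PARSES A RAW TCP HEADER AND FLAGS URG SEGMENTS ADDRESSED TO PORT 139. THE HEADER BYTES, PORT NUMBERS AND FUNCTION NAMES ARE CONSTRUCTED FOR ILLUSTRATION.

```python
import struct

URG = 0x20               # TCP URG flag bit; marks "out of band" (urgent) data
TCP_HDR = "!HHIIHHHH"    # sport, dport, seq, ack, offset+flags, window, checksum, urgent pointer

def build_tcp_header(sport, dport, flags, urg_ptr=0):
    """Constructed 20-byte TCP header used only as test input (checksum left 0)."""
    offset_flags = (5 << 12) | flags   # data offset of 5 words, no options
    return struct.pack(TCP_HDR, sport, dport, 1, 0, offset_flags, 8192, 0, urg_ptr)

def is_oob_to_netbios(tcp_header, port=139):
    """True when a segment addressed to the NetBIOS port has the URG flag set."""
    if len(tcp_header) < 20:
        return False     # truncated header: nothing to evaluate
    fields = struct.unpack(TCP_HDR, tcp_header[:20])
    dport, offset_flags = fields[1], fields[4]
    return dport == port and bool(offset_flags & URG)

def flagged_source_ports(headers):
    """Source ports of all constructed segments that match the check."""
    return [struct.unpack("!H", h[:2])[0] for h in headers if is_oob_to_netbios(h)]

# Constructed samples: URG|PSH|ACK = 0x38, PSH|ACK = 0x18
SAMPLES = [
    build_tcp_header(1025, 139, 0x38, urg_ptr=1),  # URG to port 139: flagged
    build_tcp_header(1026, 139, 0x18),             # normal NetBIOS session data
    build_tcp_header(1027, 80, 0x38, urg_ptr=1),   # URG, but not the NetBIOS port
]

if __name__ == "__main__":
    print(flagged_source_ports(SAMPLES))
```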
3)JOLT2:- IT ENABLES USERS ACROSS DIFFERENT NETWORKS TO SEND IP FRAGMENT-DRIVEN DOS ATTACKS AGAINST NT/2000 BY MAKING THE VICTIM'S MACHINE UTILIZE 100% OF ITS CPU WHEN IT ATTEMPTS TO PROCESS THE ILLEGAL PACKETS.
C:\>JOLT2 1.2.3.4 -P 80 4.5.6.7
THE ABOVE COMMAND LAUNCHES THE ATTACK FROM THE ATTACKER'S MACHINE WITH A SPOOFED IP ADDRESS 1.2.3.4 AGAINST THE IP ADDRESS 4.5.6.7. THE VICTIM MACHINE'S CPU RESOURCES REACH 100%, CAUSING THE MACHINE TO LOCK UP.
4)BUBONIC.C:- IT IS A DOS EXPLOIT THAT CAN BE RUN AGAINST WINDOWS 2000 MACHINES. IT WORKS BY RANDOMLY SENDING TCP PACKETS WITH RANDOM SETTINGS WITH THE GOAL OF INCREASING THE LOAD OF THE MACHINE, SO THAT IT EVENTUALLY CRASHES.
C:\>BUBONIC 12.23.23.2 10.0.0.1 100
5)TARGA:- IT IS A PROGRAM THAT CAN BE USED TO RUN 8 DIFFERENT DOS ATTACKS. THE ATTACKER HAS THE OPTION TO EITHER LAUNCH INDIVIDUAL ATTACKS OR TO TRY THE ATTACKS UNTIL ONE IS SUCCESSFUL. TARGA IS A VERY POWERFUL PROGRAM AND CAN DO A LOT OF DAMAGE TO A COMPANY'S NETWORK.
6)TRINOO:- IT WAS THE FIRST DOS TOOL TO BE DISCOVERED. IT WAS FOUND IN THE WILD ON SOLARIS 2.X SYSTEMS COMPROMISED BY A BUFFER OVERRUN BUG IN RPC SERVICES: STATD, CMSD, TTDBSERVERD. TRINOO DAEMONS WERE UDP-BASED, PASSWORD-PROTECTED REMOTE COMMAND SHELLS RUNNING ON A COMPROMISED SYSTEM.
7)TFN:- IT COULD BE THOUGHT OF AS "SON OF TRINOO". IT IMPROVED ON SOME OF THE WEAKNESSES OF TRINOO BY ADDING DIFFERENT TYPES OF ATTACKS THAT COULD BE MOUNTED AGAINST THE VICTIM'S SITE. IT IS STRUCTURED LIKE TRINOO, WITH ATTACKERS, CLIENTS (MASTERS) AND DAEMONS. AN INITIAL SYSTEM COMPROMISE ALLOWS THE TFN PROGRAMS TO BE INSTALLED.
8)TFN2K:- IT IS A DOS PROGRAM WHICH RUNS IN DISTRIBUTED MODE. THERE ARE TWO PARTS TO THE PROGRAM: CLIENT AND SERVER. THE SERVER RUNS ON A MACHINE IN LISTENING MODE AND WAITS FOR COMMANDS FROM THE CLIENT.
RUNNING THE SERVER
#TD
RUNNING THE CLIENT
#TN -H 23.4.56.4 -C8 -I 56.3.4.5
THIS COMMAND STARTS AN ATTACK FROM 23.4.56.4 TO THE VICTIM'S COMPUTER 56.3.4.5.