DHCP starvation attack

Friday, September 13, 2013

The attacker PC continually requests IP addresses from a real DHCP server by changing their source MAC addresses. If successful, this kind of DHCP attack causes all of the leases on the real DHCP server to be allocated, thus preventing the real users (DHCP clients) from obtaining an IP address.

DOS Attacks

Thursday, September 12, 2013



·    
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.

The attacker concentrates on:
1.    Consumption of computational resources, such as bandwidth, or processor time.
2.    Disruption of configuration information, such as routing information.

Examples:
Ping flood
is based on sending the victim a  number of ping packets, usually using the "ping" command from unix-like hosts .
Ping broadcast
 A ping request packet is sent to a broadcast network address where there are many hosts. The source address is shown in the packet to be the IP address of the computer to be attacked. If the router to the network passes the ping broadcast, all computers on the network will respond with a ping reply to the stacked system. The attacked system will be flooded with ping responses which will cause it to be unable to operate on the network for some time, and may even cause it to lock up. 

Man – in –the middle attack


Occurs when someone between you and the person with whome you are communicating is actively monitoring , capturing & controlling your communication transparently.


Man in the middle attacks are like someone assuming your identity in order to read your message the person on the other end might believe it’s you.

In normal mode, the device sends a request (ARP REQUEST) & router reply by(ARP REPLY) on this reply mac address of   the router to construct arp tables.

This is the normal situation, but hackers exploit this technology and they do the following:

1.    Put the NIC in promiscuous status, But in case of promiscuous the NIC will receive all packets path on it, The normal situation make the NIC received only the true packets.

2.    Reply of arprequest by arp reply contain IP of router port.