

Friday, October 22, 2010

DOS and DDOS: An article on Hacking using Denial of Service Attacks

A very common term in the field of hacking and security is the DoS attack. Hackers employ a number of techniques to attack and disrupt computer systems and networks. The important point here is to understand the two flavors of DoS attack. Attacks can be of different types depending on the aim and speciality of the attacker. Some attackers just want to disrupt computer systems, while others intend to infiltrate the computers and steal sensitive information for drastic and really crazy purposes.

DoS or Denial of Service attack: This is a common way to attack a computer network. The main intention of a DoS attack is to disrupt the activities of the server by overloading it with unwanted requests. The attacker usually sends a large number of requests to the server, which leads to overloading. When the server is overloaded, it is unable to answer normal requests. DoS attacks are usually directed at websites. It is very easy to prevent and stop DoS attacks. In very plain words, a DoS attack, if properly done, can bring a server to its knees. Users, and some scripts and functions, would be starved of some services, and these may be among the crucial ones.

As said on the Symantec website:
DoS is a Denial of Service to a victim trying to access a resource. In many cases it can be safely said that the attack requires a protocol flaw as well as some kind of network amplification.
Denial of Service is also an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services through the consumption of the bandwidth of the victim network, or the overloading of the computational resources of the victim system.
The motivation for DoS attacks is not to break into a system. Instead, it is to deny the legitimate use of the system or network to others who need its services. One can say that this will typically happen through one of the following means:
1. Crashing the system.
2. Deny communication between systems.
3. Bring the network or the system down or have it operate at a reduced speed which affects productivity.
4. Hang the system, which is more dangerous than crashing since there is no automatic reboot. Productivity can be disrupted indefinitely.

There is yet another, more advanced form of denial of service attack. Here, a large number of zombie computers are used to send requests to the server being attacked. This is popularly known as a DDoS or Distributed Denial of Service attack. This attack causes the server to become overburdened within a short span of time. The zombie computers are controlled by hackers by means of malware. Because of the large number of computers involved in the attack, the power of the attacker is magnified thousands of times. The best way to protect against distributed denial of service attacks is to use a traffic filter. A traffic filter is a device that blocks traffic from the IPs where the malicious requests originate.
Again, it is worth mentioning what the Symantec website says about this:
A Distributed DoS (DDoS) is the combined effort of several machines to bring down a victim. In many cases there is a master machine that launches the attack to zombie machines that are part of a bot network, as shown below in Figure 1. Some bot networks contain many thousands of machines used to launch an attack.
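
The traffic filter described above can be sketched as a per-source rate check over request logs. This is an added example, not part of the original post; the log format, the thresholds and the function names are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime

def build_sample_log():
    """Constructed sample log: one source floods, one browses normally."""
    lines = []
    for i in range(30):  # 30 requests in 3 seconds from a single source
        lines.append(f"2010-10-22T10:00:{i // 10:02d} 203.0.113.7 GET /")
    for i in range(5):   # 5 requests spread over 50 seconds
        lines.append(f"2010-10-22T10:00:{i * 10:02d} 198.51.100.20 GET /index.html")
    lines.append("garbage line without a timestamp")  # malformed input
    return sorted(lines)  # ISO timestamps sort chronologically as text


def parse(line):
    """Return (timestamp, source_ip), or None for a malformed line."""
    parts = line.split()
    try:
        return datetime.fromisoformat(parts[0]), parts[1]
    except (IndexError, ValueError):
        return None


def find_flooders(lines, max_requests=20, window_seconds=10):
    """Return source IPs exceeding max_requests in any sliding window.

    Assumes the lines are in time order, as in a server access log.
    """
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    flooders = set()
    for ts, ip in filter(None, map(parse, lines)):
        window = recent[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() >= window_seconds:
            window.popleft()  # forget requests older than the window
        if len(window) > max_requests:
            flooders.add(ip)
    return flooders


def filter_traffic(lines, blocked):
    """Keep well-formed requests whose source is not blocked."""
    records = ((line, parse(line)) for line in lines)
    return [line for line, rec in records if rec and rec[1] not in blocked]


if __name__ == "__main__":
    log = build_sample_log()
    blocked = find_flooders(log)
    print("blocked:", sorted(blocked))
    print("passed:", len(filter_traffic(log, blocked)), "of", len(log))
```

A per-source threshold like this catches a single flooding host; in a distributed attack each zombie may stay under the limit, so the aggregate request rate needs watching as well.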

-Mohd Anwar Jamal Faiz
Software Engineer (White Box API and Security) at Leading Software Product Company

Monday, October 11, 2010

Changing location of %temp% folder

As we all know, Windows maintains a location where programs can put temporary files. But at times you might want to change that location. Changing this location might cause some installed applications to behave abnormally. But what geek like you cares!!

The steps are pretty simple, and they are really of help to testers who want to see what impact the change has on their applications. Although this can also be done using a simple batch script, I am describing the manual method, since it explains the approach clearly.

Go to the Windows Command Prompt (Start -> Run -> type cmd and press Enter). Type SET followed by the Enter key. Windows will list a number of what are called "environment variables", which make various types of information available to running programs. Two of them will look much like this:
DOCUME~1 represents the Documents and Settings folder.
TMP and TEMP both specify the directory to be used for temporary files. Both TMP and TEMP are used for compatibility reasons. You can edit them here, or change them by the following method.

Right-click on My Computer and click on Properties. In the resulting dialog, click on the Advanced tab. Click on the button labeled Environment Variables. TMP and TEMP are listed in the section labeled User variables. You can edit these paths to any desired location and apply the setting.