Today I’d like to discuss about network attack, previous article we have discuss about specific network attack, but in this articles lets find out the basic type of network attack as below:
Teardrop-type attack is a Denial of Service attack (DoS) against a server / computer that is connected in a network. Teardrop attack takes advantage of existing features in the TCP / IP packet fragmentation or breakdown of the package, and weaknesses in the TCP / IP at the time of the fragmented packets are put back together. In a data transmission from one computer to another over a network based on TCP / IP, then the data is broken down into several smaller packets in the computer of origin, and the packets are sent and then put back together on the destination computer.
Land attack is one kind of assault on a server / computer that is connected in a network that aims to stop the services provided by that server, causing disruption of service or network computer. Such types of attacks are called Denial of Service (DoS) attack. Land attack is categorized as a SYN attack (SYN attack) because it uses a SYN packet (synchronization) at the time to do 3-way handshake to establish a relationship based on TCP / IP. In a 3-way handshake to establish a TCP / IP link between the client and server, what happens is as follows:
* First, the client sends a SYN packet to the server / host to establish the relationship of TCP / IP between the client and host
* Second, the host replied by sending a SYN / ACK (synchronization / Acknowledgement) back to the client.
* Finally, the client replied by sending a packet ACK (Acknowledgement) back to the host. Thus, the relationship of TCP / IP between the client and the host is established and data transfer can begin.
In a Land attack, the attacker computer that acts as a client sends a SYN packet that has been engineered or dispoof to a server that is about to be attacked.
SYN packets that have been engineered or dispoof contains source address (source address) and port number of origin (source port number) that exactly match the destination address (destination address) and destination port number (destination port number).
Thus, when the host sends a SYN / ACK back to the client, then there is an infinite loop because the host is actually sending a SYN / ACK is to itself.
Host / server is not protected usually will crash or hang by the Land attack is. But now, Land attack is not effective anymore because almost all systems are protected from these types of attacks through packet filtering or firewall.
Continued in next articles.