Friday, September 27, 2019
Denial of Service Attacks (DoSs) Essay Example | Topics and Well Written Essays - 1750 words
In this scenario, the extra data is used to corrupt and overwrite the available memory. As a result, it allows an attacker to carry out arbitrary actions on the web server or destroy the system completely. It is commonly seen that the majority of web applications fail to effectively prevent actions inserted into the system by arbitrary code, actions which can only be performed with the administrator rights of the operating system. For instance, an attacker can insert an executable instruction like that , inside a legitimate web site form under the appearance of an HTTP (hypertext transfer protocol) request in an attempt to get access to that particular web server. However, if an attacker succeeds in deceiving the security configuration, he/she can get access to the /etc/passwd file as well as all files and, in the end, the usernames and passwords which are stored on the web server (Kennedy, 2005).

In order to mitigate these security attacks, organizations can take the following initiatives: First of all, an organization needs to recognize buffer overflows by putting huge values into header, form input, and cookie fields. They must implement effective techniques to stop unauthorized users from inserting unauthenticated code. They must validate the input field length.

Cross-site Scripting (XSS)

In this kind of attack, a web application serves as a vehicle for launching an attack on an end user's browser, making use of the web browsers of other web users who visit the page. In this scenario, an attacker develops and launches a web site that takes advantage of a cross-site scripting defect. An ordinary user can view this attacker's web site, for example by clicking on a link in an e-mail received from a friend, and the attacker's malicious program or that fake web site can then be opened on the user's computer.
If an attacker succeeds in this attack, he/she can get access to the end user's session token, spoof content to fool the user, or attack the local machine (Kennedy, 2005).

In order to mitigate these security attacks, organizations can take the following initiatives (Kennedy, 2005): An organization must adopt strict measures to scan all possible inputs so that end-user data cannot be interpreted as scripted content. A variety of data integrity checks should be carried out on data before their distribution to make sure the data are sensible. If it is possible, limit all end-user input to alphanumeric content.

Denial of Service Attacks

A DoS (denial of service) attack can be defined as an event that prevents unauthorized access to the resources or interrupts operations that are time-critical. Additionally, a DoS attack is sometimes called a distributed denial-of-service attack (DDoS attack). This sort of attack may target users in an attempt to stop them from creating links on the network. However, these connections may include outgoing transmissions. In addition, a DoS attack may also target a whole corporation. In this scenario, it can stop incoming traffic or prevent outgoing traffic towards network-related applications. In this way, the attack tries its best to stop the victim from using network links. Moreover, a denial of service attack is more straightforward to carry out than gaining administrative access to a specific system from a distant location. That's why DoS attacks have gained popularity on the Internet (Chan et al., 2010) and (Tech-FAQ, 2011). DoS attacks can easily halt our computer or our network connection. However, it totally depends on the
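
The input-handling mitigations listed in the buffer overflow and XSS sections above (check the input field length, limit input to alphanumeric content where possible, and make sure end-user data cannot be interpreted as scripted content) can be sketched as follows. This is an added example, not part of the original essay; the function names, field names and length limits are assumptions chosen for illustration.

```javascript
// Added example: helper names, field names and limits are assumptions.
// Per-field rules: a length cap for every field, alphanumeric-only where possible.
const RULES = {
  username: { maxLength: 32, alnumOnly: true },
  comment: { maxLength: 200, alnumOnly: false }, // free text: relies on output encoding
};

// Returns null when the value passes, otherwise a reason string.
function checkField(name, value, rule) {
  if (typeof value !== "string" || value.length === 0) return `${name}: missing or not a string`;
  // .length counts UTF-16 code units; cap bytes instead if the backend stores bytes.
  if (value.length > rule.maxLength) return `${name}: longer than ${rule.maxLength}`;
  if (rule.alnumOnly && !/^[A-Za-z0-9]+$/.test(value)) return `${name}: non-alphanumeric character`;
  return null;
}

// Encode the characters that let text break out of element content or a quoted attribute.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Validate every expected field, ignore unexpected ones, and encode on output.
function handleSubmission(fields, rules = RULES) {
  const errors = [];
  const rows = [];
  for (const [name, rule] of Object.entries(rules)) {
    const reason = checkField(name, fields[name], rule);
    if (reason) errors.push(reason);
    else rows.push(`<dt>${escapeHtml(name)}</dt><dd>${escapeHtml(fields[name])}</dd>`);
  }
  if (errors.length > 0) return { status: 400, errors, html: "" };
  return { status: 200, errors, html: `<dl>${rows.join("")}</dl>` };
}

// Constructed sample submissions.
const ok = handleSubmission({ username: "alice01", comment: "<script>alert(1)</script>" });
const tooLong = handleSubmission({ username: "a".repeat(5000), comment: "hi" });
console.log(ok.html);
console.log(tooLong.status, tooLong.errors);
```

The free-text field shows why the alphanumeric restriction alone is not enough: any field that must accept punctuation depends on encoding at output time.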