Hello everyone my name is vijay kumar Devireddy and I am glad to have you back on my episode 71 today we're going to discuss about we're going to focus on the concept of a Denial of Service attack.Now, a Denial of Service attack isn't a specific attack in and of itself,but instead is this category or type of attack that's carried out in a number of different ways.Essentially, the term Denial of Service is used to describe any attack which attempts to make a computer or service resources unavailable,but it can also be extended to network devices,like switches and routers as well.There are five subcategories of Denial of Service attacks,Flooding Attacks, the Ping of Death, the Teardrop,the Permanent Denial of Service attack, and the Fork Bomb.The first category is called a Flood Attack.This is a specialized type of Denial of Service which attempts to send more packets to a single server or host than it can handle.So, in this example,we see an attacker sending 12 requests at a time to a server.Now, normally a server wouldn't be overloaded with just 12 requests,but if I could send 12 hundred or 12,000 that might allow me to flood that server and take it down.Now, under a Flood Attack we have a few different specialized varieties that you're going to come across The first is called a Ping Flood,this attack is going to happen when somebody attempts to flood your server by sending too many pings.Now a ping is technically an ICMP echo request packet,but they like to call it a ping Because a Ping Flood has become so commonplace though,many organizations are now simply blocking echo replies,and simply having the firewall dropping these requests whenever they're received.This results in the attacker simply getting a request timed out message,and the service remains online,and the Denial of Service is stopped.Next we have a Smurf Attack.This is like a Ping Flood,but instead of trying to flood a server by sending out pings directly to it,the attacker instead tries to amplify this attack by sending a ping to a subnet broadcast address instead,using the spoofed IP of the target server.This causes all of the devices on that subnet to reply back to the victimized server with those ICMP echo replies,and it's going to eat up a lot of bandwidth,and processing power.Now, you can see how this looks here,with the attacker sending the ping request with the IP of that server being spoofed into the request,and now the destination is sent to the broadcast of that subnet.In this example, all three PCs in the subnet are going to reply back to that ping request thinking it's from the server,and the server gets three times the amount of ping replies than if the attacker had sent it to them directly.Now, this allows that attack to be amplified,especially if the attacker can get a large subnet,like a /16 or a /8 used in this attack.The next kind of Flood Attack is what we call Fraggle.Fraggle is a throwback reference to the kids show Fraggle Rock from the 1980s,which aired around the same time as the Smurf TV show.So you can guess that Fraggle and Smurf are kind of related.Well with Fraggle, instead of using an ICP echo reply,Fraggle uses a UDP echo instead.This traffic is directed to the UDP port of seven,which is the echo port for UDP, and the UDP port of 19,which is the character generation port.This is an older attack,and most networks don't have this vulnerability anymore,and both of these ports are usually closed,'cause again, they're unnecessary.Notice that I didn't have them in your port memorization chart either.Now, because of this,Fraggle attacks are considered very uncommon today.That said, a UDP Flood Attack,which is a variant of Fraggle,is still heavily used these days.It works basically the same way as a Fraggle attack,but it uses different UDP ports. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app