Book Image

Practical Network Scanning

By : Ajay Singh Chauhan
Book Image

Practical Network Scanning

By: Ajay Singh Chauhan

Overview of this book

Network scanning is the process of assessing a network to identify an active host network; same methods can be used by an attacker or network administrator for security assessment. This procedure plays a vital role in risk assessment programs or while preparing a security plan for your organization. Practical Network Scanning starts with the concept of network scanning and how organizations can benefit from it. Then, going forward, we delve into the different scanning steps, such as service detection, firewall detection, TCP/IP port detection, and OS detection. We also implement these concepts using a few of the most prominent tools on the market, such as Nessus and Nmap. In the concluding chapters, we prepare a complete vulnerability assessment plan for your organization. By the end of this book, you will have hands-on experience in performing network scanning using different tools and in choosing the best tools for your system.
Table of Contents (19 chapters)
Title Page
Packt Upsell
Contributors
Preface
Index

DoS and DDoS attacks 


A Denial-of-Service is an attack in which online services do not respond to connections from legitimate hosts due to their resources being overused by malicious requests. This attack becomes a Distributed Denial-of-Service (DDoS) attack when it comes from multiple sources and it becomes difficult to block the source with IP or Geo-location.

DDoS attacks usually take the form of the following:

  • Volume-based attacks
  • Application layer attacks
  • Low-rate attacks

Volume-based attacks

Volume based attacks are by far the most common type of DDoS attacks.

Note

According to Arbor Networks, 65% of DDoS attacks are volumetric in nature.

Volume-based attacks are characterized by an excessive amount of traffic (sometimes in excess of 100 Gbps). They do not mandate large amounts of traffic to be generated by one location or one source.

The following is an example of such an attack:

  • NTP Amplification: The NTP amplification attack is a volume based DDoS attack in which an attacker exploits the publicly...