Security Architecture

MIS 5214 - Section 001 - David Lanter

MIS 5214.001 ■ Spring 2023 ■ David Lanter
Boyle and Panko Module A Networking Concepts and Chapter 4 Secure Networks

February 8, 2023 by David Lanter 27 Comments

Filed Under: 05 - Secure Networks

Comments

  1. Aayush Mittal says

    February 9, 2023 at 11:28 pm

    A Denial of Service attack causes harm either by stopping a critical service or by slowly degrading services over time. Stopping the critical service causes huge business loss when the attacker targets the web services. A very common example would be an attack launched against the DNS provider of large companies like Amazon, Walmart, etc. during the festive season. Another example would be an attacker shutting down a company’s website and stopping employees from accessing their e-mail, file servers, or even their applications.
    An attack that slowly degrades services is more difficult to detect because there isn’t an abrupt change in service quality. Network administrators cannot see a clear distinction between genuine growth in network traffic and a progressive DoS attack. Hence, they may be forced into unnecessary capital expenditures for additional bandwidth, hardware, and software.
  2. Asha Kunchakarra says

    February 10, 2023 at 10:40 am

    There are four main methods attackers follow when carrying out a DoS attack:

    – direct/indirect: when an attacker tries to flood a victim with a stream of packets directly from the attacker’s computer, or when the attacker tries to flood the victim computer in the same way but the attacker’s IP address is spoofed.
    – intermediary: compromised hosts running malware controlled by the attacker. The botmaster sends a signal for the bots to attack.
    – reflected attack: uses responses from legitimate services to flood a victim.
    • Wei Zhang says

      February 14, 2023 at 3:16 am

      I want to add the fourth method: sending malformed packets. A malformed packet will cause the victim to crash (e.g., ping of death).
  3. Pranavi Yadalam Sekhar says

    February 10, 2023 at 10:41 pm

    Denial of service is one of the most common network-based attacks.
    Degrading services:
    I am aware that a gradual attack, such as a slow DoS attack, is more difficult to spot than a rapid one. This is due to the difficulty in telling the difference between a rise in actual network traffic and an assault that gradually lowers the level of service. As a result, it is a covert and crafty method for attackers to accomplish their goals. Network managers might not be able to identify the problem right away and might even be duped into spending money on bandwidth, hardware, and software that they don’t need. For organizations, this may have serious financial and resource ramifications.
    Methods of DoS attack we will look at:
    1. Direct/indirect
    2. Intermediary
    3. Reflected
    4. Sending malformed packets
    False 802.11 Security Measures:
    Guidance frequently offered for 802.11 security is currently regarded as insufficient and deceptive. These so-called security measures provide merely a fleeting and deceptive sense of security, much like “whiskey treatments” for the common cold. They may discourage amateur hackers, but they are insufficient to stop highly skilled attackers who employ cutting-edge hacking software to gain unfettered access to the internet and corrupt home computers. Setting up these security measures requires just as much work as putting complete WPA or 802.11i security into place, which offers a more effective barrier against hackers.
  4. Nishant Shah says

    February 11, 2023 at 2:15 am

    What stood out for me in Chapter 4 was the topic about a false sense of security. Preventive measures such as spread spectrum operation, turning off SSID broadcasting, and MAC address control lists are ineffective at providing wireless security. They may deter curious trespassers and nosy neighbors but not drive-by hackers with specialized software. Also, the time and effort spent on implementing these ineffective security measures are wasted. A better wireless security measure would be to implement WPA2.

    In Module A, it was interesting to learn how the TCP protocol is used by attackers. For instance, sending a TCP SYN message and never sending back an ACK message would cause a DDoS attack. Attackers also use TCP RST messages to determine if there is a host associated with the IP. Also, the TCP sequence numbers could be used by attackers, if they could predict the sequence number successfully, to read messages from one side and send false messages to the other side.
    • Asha Kunchakarra says

      February 13, 2023 at 12:02 pm

      Hi Nishant,

      I think this topic is also very interesting. I think it’s very important to note that some preventative measures are ineffective at providing wireless security. It might be assumed that because they are preventative they will protect against all types of attacks; however, it is important to note that they do not protect against specialized software.
  5. Chinenye Marylyn Akinola says

    February 11, 2023 at 5:01 am

    This chapter elaborates on the most typical network-based denial of service (DoS) attacks, and my thoughtful read is that a DoS attack aims to prevent legitimate users from accessing a server or network, which lowers availability. DoS assaults achieve this by saturating the target with traffic. This news report claims that the rise in remote work and the use of personal networks rather than protected corporate networks is to blame for the recent spike in DoS assaults. Businesses must be aware of the danger posed by DoS attacks and train their staff on how to protect their home networks. Multiple workstations work together to launch a distributed denial of service (DDoS) attack against a single target. These hacked computers are gathered by hackers into networks known as botnets. Preparation of a disaster recovery plan prior to an attack, to enable successful mitigation and recovery, is a key step in protecting against these assaults.
  6. Sunam Rijal says

    February 11, 2023 at 7:56 am

    Traditionally, Ethernet LANs offered no security and allowed any intruder who entered a building to have access to the LAN’s computers. Wireless LANs have deeper threats, as an intruder can connect by radio and bypass the site’s firewall, not even requiring physical entry to the building. This poses a complete breakdown in access control and makes it easy for a drive-by hacker to sit outside the building and gain access to the network using a high-gain antenna.
    There are eavesdropping threats in both wired and wireless LANs. Intruders who gain access to the network can use packet sniffers to intercept and read legitimate traffic. Ethernet LANs are rarely encrypted, and it is difficult to access the wires or wall jacks, but wireless LANs are vulnerable to eavesdropping, as radio transmission makes it easy to intercept traffic unless it is strongly encrypted. However, the encryption used in wireless traffic is often easily crackable with hacker software readily available on the Internet, and in some cases there is no encryption at all.
    • Frank Kofi Kpotivi says

      February 11, 2023 at 1:45 pm

      Good point Sunam. This case has been troubling my mind a lot, because if individuals become a target for hackers then I guess there is going to be a lot of news on that, because people do a lot of transactions and email replies on their home networks.
  7. Frank Kofi Kpotivi says

    February 11, 2023 at 1:31 pm

    The term confidentiality has a slightly different meaning in the context of network security than it did in the prior chapter on cryptography, where it meant that people who intercept messages cannot read them. In the context of network security, confidentiality means preventing unauthorized users from gaining information about the network’s structure, data flowing across the network, network protocols used, or packet header values.
    • Shepherd Shenjere says

      February 11, 2023 at 11:10 pm

      Hello Frank,

      I am glad you wrote about how confidentiality has a different meaning in secure networks than in cryptography. I think it is key to understand how these security objectives are described in different sections.
    • Abayomi Aiyedebinu says

      February 12, 2023 at 3:05 pm

      Hi Frank,

      I agree with you that in cryptography the key is to prevent attackers from intercepting messages or communication, and in the context of network security the key points are functionality and confidentiality. Appropriate network functionality will include properly routed packets, correctly resolving host names, excluding unapproved protocols, and correctly assigning IP addresses.
  8. Shepherd Shenjere says

    February 11, 2023 at 11:05 pm

    Secure Networks from the text had very interesting points to note. One that caught my attention was the Death of the Perimeter. According to the text, “death of the perimeter is a phrase used by network administrators to convey the idea that creating a 100 percent secure network is impossible”. In the traditional castle model of network defense, there used to be a well-guarded single point of entry, and all the information that must enter the organization had to flow through that single entry. In that case it was pretty simple to implement appropriate controls to stop the cybercriminals. However, the increase in remote work makes it impossible to have only a single entry point, because those employees need access to the internal resources. The more entry points there are, the harder it is to secure the network 100 percent.
    • David Vanaman says

      February 12, 2023 at 2:48 pm

      Death of the Perimeter is one of the key reasons why Zero Trust has become such a buzzword and focus in the InfoSec community in recent years. If you start from the premise that you cannot create a 100 percent secure network perimeter, it follows that you can’t fully trust a device just because it is inside the perimeter. From there, the concept of zero trust comes into play. If you trust nothing as inherently secure, then you start to challenge every device or system every time. In the past, this would have been an impossible technical challenge. The computational and bandwidth requirements for that much challenge and response would have flooded a system. But with today’s high-speed computing and high-bandwidth networking, it is becoming feasible without introducing unacceptable delays.
  9. Jill Brummer says

    February 12, 2023 at 2:00 pm

    A key takeaway from the reading was the analogy for the old way of looking at securing a perimeter, which was a castle with a moat. The castle had only one entry point and only had to secure that entry point. Now, this way no longer works due to the many different access points. The new analogy is to think of the perimeter that has to be secured as a city. In a city, anyone can enter, but the buildings that are important are secured.
    • Shepherd Shenjere says

      February 14, 2023 at 10:01 am

      Hello Jill,

      You raised a very important point. Also, I like your analogy about how anyone can enter the city due to multiple entry points. So, it is a duty for enterprises to implement appropriate measures and have a plan to safeguard their assets. Having a plan to follow will help an organization when responding to any incident, considering that it is impossible to secure the perimeter 100 percent.
  10. Wei Zhang says

    February 12, 2023 at 2:52 pm

    In order to create a secure network environment, it is not enough to only focus on the CIA framework. Network security needs to be divided into four aspects: availability, confidentiality, functionality, and access control.
    Ensuring network availability means authorized users can access information, services, and network resources. Denial of service (DoS) attacks are one of the most common cyber attacks against companies. Confidentiality has a different meaning in network security than it does in cryptography. Confidentiality in cryptography requires that the person intercepting the message cannot read it to retrieve the information. Confidentiality in network security is preventing unauthorized users from gaining information about the network. Functionality prevents attackers from changing the function or normal operation of the network. The goal of access control is to prevent attackers or unauthorized employees from accessing internal resources.
    Because of the “death of the perimeter”, the traditional castle network defense model cannot guarantee the security of the network. The line between “good guys” and “bad guys” has also blurred. A better paradigm for cybersecurity is the city model: there are no clear boundaries, and there are multiple ways to enter the network.
    • Abayomi Aiyedebinu says

      February 12, 2023 at 3:00 pm

      Hi Wei,

      I agree with you that robust functionality will prevent attackers from altering the internal network using ARP poisoning. Organizations should have more robust policy-driven objectives that only give least privilege to employees based on their job duties.
  11. Abayomi Aiyedebinu says

    February 12, 2023 at 2:58 pm

    An interesting point that I took from the reading is how appropriate network functionality can prevent attackers from altering the capabilities or operation of the network. Appropriate network functionality will include properly routed packets, correctly resolving host names, excluding unapproved protocols, and correctly assigning IP addresses. It is interesting to note that a disgruntled employee could alter the functionality of an internal network using ARP (Address Resolution Protocol) poisoning, allowing them to reroute network traffic over an unencrypted local network. In addition, the employee could use a man-in-the-middle (MITM) attack to steal trade secrets he wouldn’t normally have had access to. Organizations should have more robust policy-driven objectives that only give least privilege to employees based on their job duties.
    • Shadrack Owusu says

      February 14, 2023 at 11:18 am

      Hi Abayomi! I agree that functionality encompasses correctly assigning IP addresses, as stated in the chapter. There are fewer lapses in connection when IP addresses are correctly assigned, especially when they are static. That is one advantage over a dynamic IP address, where users are likely to experience lapses in connection to the internet.
  12. David Vanaman says

    February 12, 2023 at 3:44 pm

    One thing that stands out to me about network security is how little has changed conceptually in how to attack a network in decades. Systems have gotten more robust and better at dealing with attacks, but the methods – DoS, eavesdropping, man in the middle, rogue access point, protocol corruption, etc – have only changed in the details of implementation. The core concepts are the same ones that network admins were fighting in the 90s.

    • Nishant Shah says

      February 13, 2023 at 12:16 am

      Interesting point Dave! I think the core networking concepts of switching, routing, network segmentation, frames and packets have also remained the same for the most part. Newer generation devices have different implementations, and IPv6 has some changes to the protocol. That could be why, fundamentally, the concepts of secure networking have not changed much. However, I’m not a networking expert, so feel free to correct me here.
  13. Nicholas Foster says

    February 12, 2023 at 4:28 pm

    One of the points I’d like to discuss from the reading is related to this section: “Past decades have seen this perimeter mentality slowly die off. The “death of the perimeter” is a phrase used by network administrators to convey the idea that creating a 100 percent secure network is impossible. They argue that it is impractical, if not impossible, to force all information in an organization through a single point in the network. Issuing an edict that all employees, including the CEO, must leave their cell phones in their cars will likely be met with resistance.”

    While this may be true of the civilian sector, from my previous experience on the DoD side, this methodology is still very much alive. Cleanrooms/areas are still very much alive in most cyber sectors of the military. If you wish to enter, you leave everything in a locker before entering, and then, depending on the classification of data being handled, you are either permitted entry after a pat down/wanding or something as extreme as a full-body X-ray, similar to those used at airports.
  14. Mengqi Xiong says

    February 12, 2023 at 9:12 pm

    One of the discussions that interested me about the reading material in this chapter was how to build a secure wireless network. With the growth of cloud computing, many organizations have employees doing work remotely, using wireless devices, where employees carry their personal mobile devices and connect them to the network. The most common wireless network attack is unauthorized access. This type of attack can be done in a number of ways, including cracking the encryption keys used by the wireless network or exploiting vulnerabilities in the wireless network security system and then accessing the network’s resources to gain unauthorized access to the wireless network. However, security measures are usually only implemented after a security breach has occurred or a vulnerability has been discovered. Passive security measures may not provide sufficient protection against all types of security threats, especially against new and emerging threats. Combined with the concept of “death of the perimeter” discussed in the article, reliance on perimeter-based security measures such as firewalls is becoming increasingly ineffective in protecting networks as modern networks become increasingly unconstrained by physical boundaries. Organizations need to take a more comprehensive and layered approach to security, using more proactive technologies such as identity and access management (e.g., zero-trust access control), encryption, etc. to better protect their networks (wireless networks) and critical information assets.

  15. Elizaveta Ibeme says

    February 12, 2023 at 9:43 pm

    ARP (Address Resolution Protocol) resolves 32-bit IP addresses into 48-bit local MAC addresses. Hosts use ARP tables to confirm connection legitimacy. In an ARP poisoning attack, host ARP tables are manipulated to reroute LAN (local-area network) traffic. Once the attacker gets on the LAN, they can either use a man-in-the-middle attack or an ARP DoS attack. One of the tactics to prevent ARP poisoning is the utilization of static tables. Another option is to prevent foreign hosts from LAN access.
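The poisoning Elizaveta describes leaves a detectable trace: an IP address whose MAC binding suddenly changes, or one MAC answering for several IPs, including a host pinned in the static table. The Python below is an added example, not from the textbook or any commenter; the reply tuples, addresses and the static table are constructed for illustration.

```python
"""ARP binding monitor (added example, not from the course text).

Replays constructed ARP replies (sender IP, sender MAC) and raises alerts for
(1) a reply that contradicts the administrator's static table, (2) an IP whose
MAC binding changes mid-stream, and (3) one MAC claiming several IPs, which is
the footprint of a host inserting itself between peers.  Note that (3) can be
legitimate for routers or servers with several addresses, so treat it as a
lead, not proof.
"""
from collections import defaultdict

# Static bindings pinned for critical hosts (constructed): the default gateway.
STATIC_TABLE = {"192.168.1.1": "aa:bb:cc:00:00:01"}

# Constructed ARP replies.  The real gateway and a file server answer first;
# a third host then starts answering for both of their IP addresses.
SAMPLE_REPLIES = [
    ("192.168.1.1",  "aa:bb:cc:00:00:01"),
    ("192.168.1.20", "aa:bb:cc:00:00:14"),
    ("192.168.1.1",  "de:ad:be:ef:00:99"),
    ("192.168.1.20", "de:ad:be:ef:00:99"),
]


def analyze_arp_replies(replies, static_table):
    """Return a list of alert tuples in detection order:
       ("static-violation", ip, observed_mac)
       ("binding-change",   ip, previous_mac, new_mac)
       ("multi-ip",         mac, (ip, ip, ...))   # emitted after the stream
    """
    alerts = []
    current = {}                        # ip  -> most recently observed MAC
    ips_for_mac = defaultdict(set)      # mac -> every IP it has claimed
    static = {ip: mac.lower() for ip, mac in static_table.items()}

    for ip, mac in replies:
        mac = mac.lower()               # normalise case before comparing
        ips_for_mac[mac].add(ip)
        if ip in static and static[ip] != mac:
            alerts.append(("static-violation", ip, mac))
        if ip in current and current[ip] != mac:
            alerts.append(("binding-change", ip, current[ip], mac))
        current[ip] = mac               # each further flip is alerted too

    for mac, ips in ips_for_mac.items():
        if len(ips) > 1:
            alerts.append(("multi-ip", mac, tuple(sorted(ips))))
    return alerts


if __name__ == "__main__":
    for alert in analyze_arp_replies(SAMPLE_REPLIES, STATIC_TABLE):
        print(*alert)
```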
  16. Shadrack Owusu says

    February 14, 2023 at 10:38 am

    The author discusses four main methods or strategies attackers adopt when carrying out a DoS attack. They are:
    (1) Direct/indirect
    (2) Sending malformed packets
    (3) Intermediary, and
    (4) Reflected
    My take is that the goal of a denial-of-service (DoS) attack is to cause harm. The harm manifests either as stopping a critical service or slowly degrading services over time. Hackers execute DoS attacks to reduce system availability.
  17. Samuel Omotosho says

    February 25, 2023 at 12:49 pm

    One interesting thing I discovered in the article is that a large number of zombie computers (infected computers under the control of the attacker) are used to either directly or indirectly flood the targeted server(s) – victim, with a large amount of information, with the intent of preventing legitimate users from accessing them (mostly web servers that host websites). In most cases, the owners of zombie computers are unaware that they are being used by attackers, making it increasingly difficult for the owners to detect any unusual activity in their computers. It is also interesting to note that in some cases, there is only a periodic flood of web servers with large traffic that was meant to degrade the service in order to achieve their goal, and in doing so, they glossed over their intended attack of completely shutting it down.


Fox School of Business

Copyright © 2023 · Course News Pro on Genesis Framework · WordPress · Log in