Question

In: Computer Science

Explain the following threats: SYN flood, Smurf and Port Scanning

Explain the following threats: SYN flood, Smurf and Port Scanning

Solutions

Expert Solution

`Hey,

Note: Brother in case of any queries, just comment in box I would be very happy to assist all your queries

SYN-FLOOD

In a SYN Flood, a victim server, firewall or other perimeter defense receives (often spoofed and most often from a botnet) SYN packets at very high packet rates that can overwhelm the victim by consuming its resources to process these incoming packets. In most cases if a server is protected by a firewall, the firewall will become a victim of the SYN flood itself and begin to flush its state-table, knocking all good connections offline or even worse - reboot. Some firewalls in order to remain up and running, will begin to indiscriminately drop all good and bad traffic to the destination server being flooded. Some firewalls perform an Early Random Drop process blocking both good and bad traffic. SYN floods are often used to potentially consume all network bandwidth and negatively impact routers, firewalls, IPS/IDS, SLB, WAF as well as the victim servers.

SMURF ATTACK

A smurf attack is a type of denial of service attack in which a system is flooded with spoofed ping messages. This creates high computer network traffic on the victim’s network, which often renders it unresponsive.

Smurfing takes certain well-known facts about Internet Protocol and Internet Control Message Protocol (ICMP) into account. ICMP is used by network administrators to exchange information about network state, and can also be used to ping other nodes to determine their operational status. The smurf program sends a spoofed network packet that contains an ICMP ping. The resulting echo responses to the ping message are directed toward the victim’s IP address. Large number of pings and the resulting echoes can make the network unusable for real traffic.

Port Scanning

A port scan is an attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability of that service. Scanning, as a method for discovering exploitable communication channels, has been around for ages. The idea is to probe as many listeners as possible, and keep track of the ones that are receptive or useful to your particular need.

Kindly revert for any queries

Thanks.


Related Solutions

What countermeasures can be adopted to mitigate SYN flood attacks?
What countermeasures can be adopted to mitigate SYN flood attacks?
Using a TCP SYN spoofing attack, the attacker aims to flood the table of TCP connection...
Using a TCP SYN spoofing attack, the attacker aims to flood the table of TCP connection requests on a system so that it is unable to respond to legitimate connection requests. Consider a server system with a table for 256 connection requests. This system will retry sending the SYN-ACK packet five times when it fails to receive an ACK packet in response, at 30 second intervals, before purging the request from its table. Assume that no additional countermeasures are used...
Using a TCP SYN spoofing attack, the attacker aims to flood the table of TCP connection...
Using a TCP SYN spoofing attack, the attacker aims to flood the table of TCP connection requests on a system so that it is unable to respond to legitimate connection requests. Consider a server system with a table for 256 connection requests. This system will retry sending the SYN-ACK packet five times when it fails to receive an ACK packet in response, at 30 second intervals, before purging the request from its table. Assume that no additional countermeasures are used...
​​​​​​​Use as much detail as possible. Compare and contrast port scanning and ping sweeps. What is...
​​​​​​​Use as much detail as possible. Compare and contrast port scanning and ping sweeps. What is the best practice to employ to mitigate malware effects on a machine?
Explain briefly meaning of environment scanning in business?
Explain briefly meaning of environment scanning in business?
jebel ali port. Define the activities of jebel ali port in general. Explain its history and...
jebel ali port. Define the activities of jebel ali port in general. Explain its history and find out its current operations worldwide . Explain the reasons for its success from its operations and supply chain point of view.
explain with examples in Zambia the different threats of land . in 2pages
explain with examples in Zambia the different threats of land . in 2pages
explain different types of switches and scanning and provide examples of when they can be used...
explain different types of switches and scanning and provide examples of when they can be used My major is rehabilitation services. the class is assistuve technology. the book is assistive technology for people with disabilities
Discuss the importance of environmental scanning and explain how the founders of Airbnb scanned the environment...
Discuss the importance of environmental scanning and explain how the founders of Airbnb scanned the environment before starting their company. NB: Your answer should be a minimum of 500 to a maximum of 650 words. Markers are to stop marking after the threshold of 600 words has been reached. Please indicate the word count at the end your answer.
Explain the principle of Differential scanning calorimetry (DSC) and its applications in polymer analysis.
Explain the principle of Differential scanning calorimetry (DSC) and its applications in polymer analysis.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT