Whenever data is sent over the Internet, it is broken into fragments at the source system and reassembled at the destination system. For example, suppose you need to send 4,000 bytes of data from one system to another. Rather than sending the entire chunk in a single packet, the data is broken down into smaller packets, each packet carrying a specified range of data like so:
In a teardrop attack a series of data packets is sent to the target system with overlapping Offer field values. As a result, the target system cannot reassemble the packets and is forced to crash, hang, or reboot.
Still not quite clear on how this works? Let's examine how a system receives data packets under normal circumstances. (Note that the underscore character ( _ ) equals one data packet.) As you can see here, no bytes overlap between packets:
- - - - - - - - - - - -
(Bytes 1-1500) (Bytes 1501-3000) (Bytes 3001-4500)
In a teardrop attack, however, the data packets sent to the target computer contain bytes that overlap with each other:
- - - - - - - - - - - - -
(Bytes 1-1500) (Bytes 1501-3000) (Bytes 1001-3600)
When the target system receives a series of packets like the one shown here, it cannot reassemble the data and, therefore, will crash, hang or reboot.
-------------------------------------------------------------------------------------------------------
---------->>> SYN-Flood Attacks
-------------------------------------------------------------------------------------------------------
- Packet 1 will carry bytes 1-1500.
- Packet 2 will carry bytes 1501-3000.
- Packet 3 will carry bytes 3001-4000.
In a teardrop attack a series of data packets is sent to the target system with overlapping Offer field values. As a result, the target system cannot reassemble the packets and is forced to crash, hang, or reboot.
Still not quite clear on how this works? Let's examine how a system receives data packets under normal circumstances. (Note that the underscore character ( _ ) equals one data packet.) As you can see here, no bytes overlap between packets:
- - - - - - - - - - - -
(Bytes 1-1500) (Bytes 1501-3000) (Bytes 3001-4500)
In a teardrop attack, however, the data packets sent to the target computer contain bytes that overlap with each other:
- - - - - - - - - - - - -
(Bytes 1-1500) (Bytes 1501-3000) (Bytes 1001-3600)
When the target system receives a series of packets like the one shown here, it cannot reassemble the data and, therefore, will crash, hang or reboot.
Countermeasure :- To protect your system from teardrop attacks, make sure you have the latest patches from your vendor, For more information about these types of attacks and the countermeasures you can take.
-------------------------------------------------------------------------------------------------------
---------->>> SYN-Flood Attacks
-------------------------------------------------------------------------------------------------------
0 comments:
Post a Comment