HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 40 guests and 3 members online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Crashing a server
EH-Net
May 24, 2013, 09:33:21 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1] 2   Go Down
« previous next »
  Print  
Author Topic: Crashing a server  (Read 13831 times)
0 Members and 1 Guest are viewing this topic.
servercrasher365
Newbie
*
Offline Offline

Posts: 11


View Profile
« on: April 29, 2008, 06:19:30 AM »
Hi guys,
My names Leo and I'm  new to this forum.I'm assigned a project in my university which's on buiding a security stress testing tool with which to test servers.The tool will be developed by collecting open-source software(nessus,framework and the like) and operating systems and writing a test harness to combine the functionality together into a single flexible tool.

Could you help me with ideas regarding what sort of attacks i should incorporate in the tool,the idea is to try and crash the server.....there would be a software interface.its like i press this button and this particular attack happens...plz help me with suggestions and ideas,am running out of time.....

Cheers
Logged
vijay2
Full Member
***
Offline Offline

Posts: 220


View Profile
« Reply #1 on: April 29, 2008, 06:40:19 AM »
I think crashing the server is one of the easiest attack vector. There a plenty of DoS attacks available on various sites depending on OS and platform of the server in question. As you have put up a general question .. I would say Google is your friend.
Logged
GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+
servercrasher365
Newbie
*
Offline Offline

Posts: 11


View Profile
« Reply #2 on: April 29, 2008, 06:52:00 AM »
Thanks mate.I did quite a bit of googling on it,came up with tons of stuff and so understandably confused as to which attacks to focus on...is it only DoS?The server is pretty secure and patched upto date...so need a damn good tool to do the job....
Logged
shawal
Jr. Member
**
Offline Offline

Posts: 88


View Profile
« Reply #3 on: April 29, 2008, 07:26:30 AM »
servercrasher365,
crashing a server is not a nice thing to do, DOS can be very simple by trying to run out of system resources memory, cpu, network bandwidth, number of open files, number of connections a sever can handle, illegal instructions to  the BIOS/FIRMWARE of the different I/O devices. it is not advised and there are no skillz about it. why would not you utilize your resources in developing a safe plugin for nessus or enhacing one of the current pen. test tools?!
Logged
RHCE, GIAC GCIH.
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 928



View Profile WWW
« Reply #4 on: April 29, 2008, 07:32:13 AM »
Quote from: servercrasher365 on April 29, 2008, 06:52:00 AM
which attacks to focus on...is it only DoS?The server is pretty secure and patched upto date...so need a damn good tool to do the job....

You stated previously that you want to 'stress test' the server then DoS is the way to go. Only distinction that I can see between a 'stress test' and DoS is having permission and whether you are successful.

As Shawal states there isn't too much skill/knowledge required to DoS a server, what is it that you are trying to achieve by undertaking this work?

As this is the Ethical Hacker network, I'm assuming that you've got permission. Therefore make sure that you plan the location of the source and target machines well to ensure that you do not have a negative impact on any intervening infrastructure as well as/instead of your intended target.

Also ensure that you have written permission from a higher-up before you perform this kind of action. It's amazing how 'yeah, just go ahead' can be miss understood once the excrement hits the cooling device Wink
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
servercrasher365
Newbie
*
Offline Offline

Posts: 11


View Profile
« Reply #5 on: April 29, 2008, 07:36:10 AM »
Shawal,
I'm aware that crashing a server isn't a nice thing to do..however its my dissertation and am doing it for a company so that they could test how good their servers are at withstanding such attacks.

u talked about developing a safe plugin for nessus or enhacing one of the current pen. test tools?..could you plz give me some more details on those lines....?

You also metioned about DoS being very simple to carry out.Would it be that easy if the sever is well protected by IDS and firewall and ddos defence mechanisms?
Logged
BillV
Hero Member
*****
Offline Offline

Posts: 1892


View Profile WWW
« Reply #6 on: April 29, 2008, 07:38:10 AM »
Quote from: servercrasher365 on April 29, 2008, 07:36:10 AM
I'm aware that crashing a server isn't a nice thing to do..however its my dissertation and am doing it for a company so that they could test how good their servers are at withstanding such attacks.

Didn't you just say this was for a university project?
Logged
servercrasher365
Newbie
*
Offline Offline

Posts: 11


View Profile
« Reply #7 on: April 29, 2008, 07:45:17 AM »
Its an university project in conjunction with a company!
Logged
servercrasher365
Newbie
*
Offline Offline

Posts: 11


View Profile
« Reply #8 on: April 29, 2008, 07:51:17 AM »
Role Reversal,
I'm trying to build a framework,on the lines of nessus,metasploit framework,nmap n so on to carry out attacks on a server.I'm authorized to undertake this project and hence no legal issues as such.

the main question for me after reading ur posts is,is dos n ddos the way to go or should i focus on other attacks like sql injection,buffer overflows n stuff?
Logged
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 928



View Profile WWW
« Reply #9 on: April 29, 2008, 07:54:31 AM »
Quote from: servercrasher365 on April 29, 2008, 07:51:17 AM
the main question for me after reading ur posts is,is dos n ddos the way to go or should i focus on other attacks like sql injection,buffer overflows n stuff?

If you are trying to 'stress test' a device you need DoS (I'm assuming you don't/won't have the resources for a valid DDoS). SQL injection et.al are exploits are won't stress the server, merely 0wn it Wink

Do you have specific services that you are trying to test, or the server as a whole? (I'm guessing an SQL-type service might be part of the setup as you mentioned injection)
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
vijay2
Full Member
***
Offline Offline

Posts: 220


View Profile
« Reply #10 on: April 29, 2008, 07:56:50 AM »
WoW !! This thread is getting interesting with every post. I am not clear what the goals are for the project or even is there a project. Want to crash a server is a very broad goal. DoS could be a easiest attack vector available for crashing a server but I tend to disagree that it does not require any skills. Most DoS or DDOS attacks signatures are well known and are incorporated in the IDS/IPS, and even common firewalls are able to detect them. Therefore, first of all you need to find a vulnerability in the server to attack it and the most difficult part is to evade the IDS/IPS.

I think if you come up with very specific questions .. you might get better answers.

As RR said .. SQL, BoF, ... will own the server... no stress test there.
Logged
GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 928



View Profile WWW
« Reply #11 on: April 29, 2008, 08:02:34 AM »
Quote from: vijay2 on April 29, 2008, 07:56:50 AM
Most DoS or DDOS attacks signatures are well known and are incorporated in the IDS/IPS, and even common firewalls are able to detect them. Therefore, first of all you need to find a vulnerability in the server to attack it and the most difficult part is to evade the IDS/IPS.

True, but the initial request stated testing a server, I agree that the challenge gets harder once IDS/IPS/Firewall etc. get in the way. I had been assuming that as this project is approved and targetted at stress testing a server, these features would not come into play.

ServerCrash, based on the responses that you have been given so far can you provide more detailed information on your aims/requirements to create a concrete scenario rather than myself and other members working from potentially incorrect assumptions. Should improve the quality of feedback for you project aswell Wink

(Sounds more fun than my dissertation project  Cry )
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
servercrasher365
Newbie
*
Offline Offline

Posts: 11


View Profile
« Reply #12 on: April 29, 2008, 08:19:11 AM »
I'm with you...Unless i give more specific details,it would be hard for u guys to help me out.I'm in the initial stagesof the project.my supervisor has asked me to identify the type of attacks that i wud need to carry out against windows and linux systems in an attempt to crash it,and make a proposal report...so after the next meeting ,i would have more specific queries.Anyways thanks for the posts,it was really helpful,i was all confused after the googling,lol:)
Logged
servercrasher365
Newbie
*
Offline Offline

Posts: 11


View Profile
« Reply #13 on: April 30, 2008, 07:38:20 AM »
I've identified the following DoS attacks-
Apache2
back
Mailbomb
Neptune
Ping of death
Process Table
Smurf
Teardrop
UDP Storm
syslogd

Does it make sense that I focus on these attacks or are they no more effective these days?like for instance the Ping of Death is no more a threat....how good is the rest of the list?

Cheers
Logged
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 928



View Profile WWW
« Reply #14 on: April 30, 2008, 07:42:24 AM »
My response to your new post/thread.

Quote from: rolereversal
ServerCrash,

the listed attack vectors only make sense if the box you are trying to test is running the vulnerable service. For example the Apache2 DoS requires an apach2 deamon to be running, syslogd requires syslogd etc.

At the same time if you are testing a specific server configuration and you find an attack vector that has no impact on the box then this will be as valuable to your university project as finding a vector that drops the server to it's knees. Therefore implementing the old exploits like Ping of Death may not be a waste of time provided you can explain why devices are no longer as vulnerable to once crippling attacks.

From my experience from University projects (specialised in monitoring systems) it can be more advantageous to explain why things don't work rather than have a state of the art technical solution. From your perspective I imagine that the methodology and techniques for testing systems may be more important than actual functionality.

Hope this helps.

Why create a new post then continue the existing one with same content?
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
Pages: [1] 2   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.066 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.