The Ethical Hacker Network

Home

Calendar

Certifications

Latest Additions

EH-Net Login

Welcome Guest.

Lost Password?

No account yet? Register

Who's Online
We have 22 guests and 3 members online

EH-Net Donations
Enter Amount: $

Google Ads

EH-Net News Feeds
Latest Additions

Book Recommendations

You are here: Home

Forum

Ethical Hacking Discussions and Related Certifications

Network Pen Testing

DoS

Ethical Hacker Community Forums

November 21, 2008, 08:13:44 AM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: ChicagoCon 2-Day Ethical Hacking Conference with MS Blue Hats Oct 31 - Nov 1. Tickets Only $100! www.chicagocon.com/content/view/103/51/

Home

Help

Calendar

Ethical Hacker Community Forums > Ethical Hacking Discussions and Related Certifications > Network Pen Testing (Moderator: don) > DoS

Pages: [1] Go Down

« previous next »

	Author	Topic: DoS (Read 830 times)
0 Members and 1 Guest are viewing this topic.

servercrasher365

Newbie

Offline

Posts: 11

DoS

« on: April 30, 2008, 06:26:20 AM »

Continuing from ystdays post on server crashing(thats my uni project to build a server test tool),I've identified the following DoS attacks-
Apache2
back
Mailbomb
Neptune
Ping of death
Process Table
Smurf
Teardrop
UDP Storm
syslogd

Does it make sense that I focus on these attacks or are they no more effective these days?like for instance the Ping of Death is no more a threat....how good is the rest of the list?

Cheers


	Logged

RoleReversal

Sr. Member

Offline

Posts: 457

Re: DoS

« Reply #1 on: April 30, 2008, 07:39:59 AM »

ServerCrash,

the listed attack vectors only make sense if the box you are trying to test is running the vulnerable service. For example the Apache2 DoS requires an apach2 deamon to be running, syslogd requires syslogd etc.

At the same time if you are testing a specific server configuration and you find an attack vector that has no impact on the box then this will be as valuable to your university project as finding a vector that drops the server to it's knees. Therefore implementing the old exploits like Ping of Death may not be a waste of time provided you can explain why devices are no longer as vulnerable to once crippling attacks.

From my experience from University projects (specialised in monitoring systems) it can be more advantageous to explain why things don't work rather than have a state of the art technical solution. From your perspective I imagine that the methodology and techniques for testing systems may be more important than actual functionality.

Hope this helps.


	Logged

A little bit of sanity:
http://www.infosanity.co.uk

Pages: [1] Go Up

« previous next »

Jump to:

Page created in 0.031 seconds with 23 queries.

Sponsors

Polls

During the most recent election, I:

	Chose a paper ballot.
	Trusted the machines.
	Didn't care, just voted.
	Didn't have a choice. It was paper.
	Didn't have a choice. It was electronic.
	Didn't vote.

Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!

Recent Forum Topics

Programming : Using Assembly to access locked files (1) by NickFnord
Other : New to Ethical Hacking? (2) by cleanwithit0607
Forensics : Working for the dark side (6) by pseud0
Tools : NetWitness Investigator is now free! (4) by SynJunkie
Malware : Military Bans Removable Media (8) by sgt_mjc
Programming : Exploits (5) by cleanwithit0607
CEH - Certified Ethical Hacker : MSS from EC-Council? (9) by BillV
Looking To Hire : Looking for a Security Intelligence and Analytics Specialist (0) by liztownsend
Malware : Microsoft to Offer Free Anti-malware Tool (8) by jason
Network Pen Testing : page action (3) by lovewadhwa
Tools : Metasploit 3.2 released (1) by RoleReversal
Mass Media : Movie: Untraceable (7) by jason
Hardware : DD-WRT FTW! (1) by jason
Hardware : DIY USB Keystroke Logger? (0) by jason
Oct 2008 - Scooby Doo and the Crypto Caper : [Article]-Scooby Doo and the Crypto Caper (4) by trolley
Forensics : It's time to get that data back! (4) by sgt_mjc
Forensics : Gaining experience... first steps (5) by sgt_mjc
News from the Outside World : OS with Highest Security Rating from NSA goes Commercial (3) by jason
Other : Microsoft Hyper-V Server 2008 Released, Free (3) by sgt_mjc
Book Reviews : The Art Of Exploitation (3) by apollo
Social Engineering : How to Run a Con (0) by jason
Social Engineering : History Channel's Secrets of Body Language (2) by jason
Social Engineering : Facial Expression Test (0) by jason
CEH - Certified Ethical Hacker : Howdy - study question/labs bootcamp etc. (3) by BillV
Other : PC geeks Inc. (0) by iSmith
Other : UK Data Protection Act (3) by RoleReversal
Other : Yahoo CEO Jerry Yang to Step Down (0) by don
Network Pen Testing : Backtrack 3 Install (2) by KrisTeason
Certification : 7 Types of Hard CISSP Exam Questions and How To Approach Them (4) by jason
CEH - Certified Ethical Hacker : new guy (1) by jason
Programming : Small Basic (2) by jason
Other : Where to start? (5) by jason
Certification : I need your advice connecting to IS certs and careers (3) by jason
News from the Outside World : Deleting your digital past (0) by jason
OSCP - Offensive Security Certified Professional : Next Up OSCP101 v2.0 (31) by jason
Forensics : Data Recovery (6) by jason
Tutorials : problem with use MSF (12) by geekyone
Book Reviews : Hacking Exposed, 5th Edition (5) by cleanwithit0607
Forensics : Looking for advice on pursuing forensics.. (3) by Ketchup
Tutorials : about Metasploit 3.1 plz help (4) by mr.Z

Vote For EH-Net

progenic.com
Click here to Vote!

Sadikhov.com
Top IT Cert Sites

binarica.com

technorati fave

Privacy Notice
for TDCC & All Properties

Joomla! is Free Software released under the GNU/GPL License.

Support EH-Net by Buying all of your Amazon items using the search bar above. Try CBT Nuggets Free!

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!