Ethical Hacking: Denial of Service

Prepare for the Certified Ethical Hacker exam. Learn about the most common types of denial-of-service (DoS) attacks and discover strategies to mitigate them.

Introduction

• Understanding and defeating denial-of-service attacks
• What you should know
• Disclaimer

1. What Is a Denial of Service?

• Understanding denial of service
• Using Python to test denial of service

2. Infrastructure Denial of Service

• TCP SYN flooding using hping3
• Using Hyena to run a reflection attack
• UDP flooding with LOIC
• ARP poisoning with Ettercap
• Using NTP to amplify attacks
• NEW: Amplification using memcached
• NEW: When is a DDoS not a DDoS?

3. Wireless Denial of Service

• Deauthenticating a wireless host

4. Application Denial of Service

• Flooding HTTP using GoldenEye
• Testing webapps using OWASP SwitchBlade
• Understanding BlackEnergy
• Killing the FTP service
• RangeAmp attacks on the CDN
• Profiling Killnet

5. SIP Service Attacks

• Flooding a SIP server

6. Ransomware

• Explaining ransomware
• Understanding Cryptolocker
• Understanding Petya

7. Mitigation Techniques

• Defeating denial-of-service attacks
• Commercial anti-DOS services
• Detecting P2P attacks with PeerShark
• NIST guidance on mitigating DDOS
• Considering IoT denial

Conclusion

• Summary