Ping of Death : Seminar on Denial Of Service ( Download Full Seminar Report )
#1

The Ping of Death uses a ping system utility to create an IP packet that exceeds the maximum 65,536 bytes of data allowed by the IP specification. The oversize packet is then sent to an unsuspecting system. Systems may crash, hang, or reboot when they receive such a maliciously crafted packet. This attack is not new, and all OS vendors have fixes in place to handle the oversize packets.

Download Full Seminar Report
Downlaod

Mirror
Reply
#2
please send me tha full project report..........
please send me the full project report on ping of death......
Reply
#3
Ping of deathBig Grinenial of Service Attacks-An Emerging Vulnerability for the "Connected" Network
abstract
denying access to essential
services by legitimate users is the main aim of the increasing new types of attacks in internet. This maybe through methods like crashing servers or routers, overwhelming the network with huge traffic to degrade the traffic. a readily available software program is all that one needs to launch a denial of service attack(DoS).

How IP Works
Computers share information over the Internet using a common language called IP. HTTP (Web), FTP
(File Transfer Protocol), POP3 (E-mail) etc arec part of this protocol package. They are identified by the port number. Normally , Web traffic uses TCP port 80.A client/server model is followed in computer networks when they communicate. When the server sends, the client listens. A web server server typically listens on port 80. Other ports are also open the same time. a hacker could attack it over an unprotected port if the server administrator is not careful.

Port Scans
hackers often employ a technique called "port scanning" for watching the unprotected ports on a server. more than 130,000 IP ports are present and each of these have clearly defined purposes. The general assignments are:
-port 21-FTP
-23 Telnet
-25 - SMTP
-80- HTTP
-110 - POP3
There may be other functioning ports like the port 8080 for a test Web site, Port 389 for LDAP directory access.
The fingerprint of port scaning is that a port scan will look like a series of "TCP Connection Dropped" or "UDP Connection Dropped" in the log of the seerver.

IP Spoofing
IP Spoofing is used by many hackers to hide their IP. They do it by modifying IP packet headers to look like they come from a different computer. This can also be used for malicious activities by by tricking a router or firewall into believing that the communication comes form a trusted computer within the network.

Denial of Service Attacks

The three types are:
-those that exploit bugs in a TCP/IP implementation
-brute-force attacks that flood a network with useless data
-those that exploit
weaknesses in the implementation of TCP/IP

For more details visit:
http://sonicwall-solutionspdfs/white_papers/denial_of_service_attacks.pdf
Reply
#4
[attachment=8930]
Ping of Death Seminar on Denial Of Service
Abstract

The Ping of Death uses a ping system utility to create an IP packet that exceeds the maximum 65,536 bytes of data allowed by the IP specification. The oversize packet is then sent to an unsuspecting system. Systems may crash, hang, or reboot when they receive such a maliciously crafted packet. This attack is not new, and all OS vendors have fixes in place to handle the oversize packets.
Teardrop
The recently developed Teardrop attack exploits weaknesses in the reassembly of IP packet fragments. During its journey through the Internet, an IP packet may be broken up into smaller chunks. Each fragment looks like the original IP packet except that it contains an offset field that says, for instance, "This fragment is carrying bytes 600 through 800 of the original (nonfragmented) IP packet." The Teardrop program creates a series of IP fragments with overlapping offset fields. When these fragments are reassembled at the destination host, some systems will crash, hang, or reboot.
SYN Attack :
Weaknesses in the TCP/IP specification leave it open to SYN attacks, executed during the three-way handshake that kicks off the conversation between two applications. Under normal circumstances, the application that initiates a session sends a TCP SYN synchronization packet to the receiving application. The receiver sends back a TCP SYN-ACK acknowledgment packet and then the initiator responds with an ACK acknowledgment. After this handshake, the applications are set to send and receive data.But a SYN attack floods a targeted system with a series of TCP SYN packets. Each packet causes the targeted system to issue a SYN-ACK response. While the targeted system waits for the ACK that follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on what is known as a backlog queue. This backlog queue has a finite length that is usually quite small. Once the queue is full, the system will ignore all incoming SYN requests. SYN-ACKs are moved off the queue only when an ACK comes back or when an internal timer (which is set at relatively long intervals) terminates the three-way handshake.A SYN attack creates each SYN packet in the flood with a bad source IP address, which under routine procedure identifies the original packet. All responses are sent to the source IP address. But a bad source IP address either does not actually exist or is down; therefore the ACK that should follow a SYN-ACK response will never come back. This creates a backlog queue that's always full, making it nearly impossible for legitimate TCP SYN requests to get into the system.
Firewall vendors such as Checkpoint, Cisco, and Raptor have incorporated features into their products to shield your downstream systems from SYN attacks. In addition, your firewall should make sure that outbound packets contain source IP addresses that originate from your internal network, so that source IP addresses can't be forged (or spoofed) from the network.
Among the known source IP addresses that you should filter are 10.0.0.0 to 10.255.255.255, 127.0.0.0 to 127.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255.
Smurf Attack
A lot more dangerous than any initiative launched by their cartoon namesakes, the Smurf attack is a brute-force attack targeted at a feature in the IP specification known as direct broadcast addressing. A Smurf hacker floods your router with Internet Control Message Protocol (ICMP) echo request packets (pings). Since the destination IP address of each packet is the broadcast address of your network, your router will broadcast the ICMP echo request packet to all hosts on the network. If you have numerous hosts, this will create a large amount of ICMP echo request and response traffic.If a hacker chooses to spoof the source IP address of the ICMP echo request packet, the resulting ICMP traffic will not only clog up your network--the "intermediary" network--but will also congest the network of the spoofed source IP address--known as the "victim" network.To prevent your network from becoming the intermediary, you can turn off broadcast addressing if your router allows it (unless you need it for multicast features, which haven't been fully defined yet), or you can let your firewall filter the ICMP echo request. To avoid becoming the victim of a Smurf attack, you must have an upstream firewall--preferably a border router--that can either filter ICMP echo responses or limit echo traffic to a small percentage of overall network traffic
UDP Flood
The User Datagram Protocol (UDP) Flood denial-of-service attack also links two unsuspecting systems. By spoofing, the UDP Flood attack hooks up one system's UDP chargen service, which for testing purposes generates a series of characters for each packet it receives, with another system's UDP echo service, which echoes any character it receives in an attempt to test network programs. As a result, a nonstop flood of useless data passes between the two systems.To prevent a UDP Flood, you can either disable all UDP services on each host in your network or--easier still--have your firewall filter all incoming UDP service requests. Since UDP services are designed for internal diagnostics, you could probably get by with denying UDP service access from the Internet community. But if you categorically deny all UDP traffic, you will rebuff some legitimate applications, such as RealAudio, that use UDP as their transport mechanism.

Land Attack:

In a Land attack--a simple hybrid of the SYN attack--hackers flood SYN packets into the network with a spoofed source IP address of the targeted system. Even with SYN fixes in place, a Land attack can cause problems for some systems. Although this type of attack is new, most OS vendors provide fixes.Another way to defend your network against the Land attack is to have your firewall filter out all incoming packets with known bad source IP addresses. Packets that come into your system with source IP addresses that identify them as generated from your internal system are obviously bad. Filtering packets will neutralize exposure to the Land attack.
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: seminar on kerssystem in ppt, seminar praentation on clutches, seminar project on insulators, bulki transportetion seminar ppt, ppt seminar on mivan shuttering, alchemist socratic seminar, ifrs seminar ohio,

[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  computer networks full report seminar topics 8 42,026 06-10-2018, 12:35 PM
Last Post: jntuworldforum
  OBJECT TRACKING AND DETECTION full report project topics 9 30,658 06-10-2018, 12:20 PM
Last Post: jntuworldforum
  imouse full report computer science technology 3 24,900 17-06-2016, 12:16 PM
Last Post: ashwiniashok
  Implementation of RSA Algorithm Using Client-Server full report seminar topics 6 26,614 10-05-2016, 12:21 PM
Last Post: dhanabhagya
  Optical Computer Full Seminar Report Download computer science crazy 46 66,346 29-04-2016, 09:16 AM
Last Post: dhanabhagya
  ethical hacking full report computer science technology 41 74,445 18-03-2016, 04:51 PM
Last Post: seminar report asees
  broadband mobile full report project topics 7 23,324 27-02-2016, 12:32 PM
Last Post: Prupleannuani
  steganography full report project report tiger 15 41,337 11-02-2016, 02:02 PM
Last Post: seminar report asees
  Digital Signature Full Seminar Report Download computer science crazy 20 43,691 16-09-2015, 02:51 PM
Last Post: seminar report asees
  HOLOGRAPHIC VERSATILE DISC A SEMINAR REPORT Computer Science Clay 20 39,233 16-09-2015, 02:18 PM
Last Post: seminar report asees

Forum Jump: