Ping of Death : Seminar on Denial Of Service ( Download Full Seminar Report )
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
computer science crazy
Super Moderator
******

Posts: 3,048
Joined: Dec 2008
#1
09-04-2009, 12:59 PM


The Ping of Death uses a ping system utility to create an IP packet that exceeds the maximum 65,536 bytes of data allowed by the IP specification. The oversize packet is then sent to an unsuspecting system. Systems may crash, hang, or reboot when they receive such a maliciously crafted packet. This attack is not new, and all OS vendors have fixes in place to handle the oversize packets.

Download Full Seminar Report
Downlaod

Mirror
Use Search at http://topicideas.net/search.php wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Reply
chimi
Active In SP
**

Posts: 1
Joined: Sep 2010
#2
28-09-2010, 06:56 PM

please send me tha full project and implimentation report..........
please send me the full project and implimentation report on ping of death......
Reply
seminarsonly
Active In SP
**

Posts: 126
Joined: Sep 2010
#3
29-09-2010, 06:00 PM

Ping of deathBig Grinenial of Service Attacks-An Emerging Vulnerability for the "Connected" Network
abstract
denying access to essential
services by legitimate users is the main aim of the increasing new types of attacks in internet. This maybe through methods like crashing servers or routers, overwhelming the network with huge traffic to degrade the traffic. a readily available software program is all that one needs to launch a denial of service attack(DoS).

How IP Works
Computers share information over the Internet using a common language called IP. HTTP (Web), FTP
(File Transfer Protocol), POP3 (E-mail) etc arec part of this protocol package. They are identified by the port number. Normally , Web traffic uses TCP port 80.A client/server model is followed in computer networks when they communicate. When the server sends, the client listens. A web server server typically listens on port 80. Other ports are also open the same time. a hacker could attack it over an unprotected port if the server administrator is not careful.

Port Scans
hackers often employ a technique called "port scanning" for watching the unprotected ports on a server. more than 130,000 IP ports are present and each of these have clearly defined purposes. The general assignments are:
-port 21-FTP
-23 Telnet
-25 - SMTP
-80- HTTP
-110 - POP3
There may be other functioning ports like the port 8080 for a test Web site, Port 389 for LDAP directory access.
The fingerprint of port scaning is that a port scan will look like a series of "TCP Connection Dropped" or "UDP Connection Dropped" in the log of the seerver.

IP Spoofing
IP Spoofing is used by many hackers to hide their IP. They do it by modifying IP packet headers to look like they come from a different computer. This can also be used for malicious activities by by tricking a router or firewall into believing that the communication comes form a trusted computer within the network.

Denial of Service Attacks

The three types are:
-those that exploit bugs in a TCP/IP implementation
-brute-force attacks that flood a network with useless data
-those that exploit
weaknesses in the implementation of TCP/IP

For more details visit:
sonicwall-solutionspdfs/white_papers/denial_of_service_attacks.pdf
Use Search at http://topicideas.net/search.php wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Reply
seminar class
Active In SP
**

Posts: 5,361
Joined: Feb 2011
#4
22-02-2011, 11:02 AM


.doc   ping of death(denial of service).doc (Size: 114.5 KB / Downloads: 73)
Ping of Death Seminar on Denial Of Service
Abstract

The Ping of Death uses a ping system utility to create an IP packet that exceeds the maximum 65,536 bytes of data allowed by the IP specification. The oversize packet is then sent to an unsuspecting system. Systems may crash, hang, or reboot when they receive such a maliciously crafted packet. This attack is not new, and all OS vendors have fixes in place to handle the oversize packets.
Teardrop
The recently developed Teardrop attack exploits weaknesses in the reassembly of IP packet fragments. During its journey through the Internet, an IP packet may be broken up into smaller chunks. Each fragment looks like the original IP packet except that it contains an offset field that says, for instance, "This fragment is carrying bytes 600 through 800 of the original (nonfragmented) IP packet." The Teardrop program creates a series of IP fragments with overlapping offset fields. When these fragments are reassembled at the destination host, some systems will crash, hang, or reboot.
SYN Attack :
Weaknesses in the TCP/IP specification leave it open to SYN attacks, executed during the three-way handshake that kicks off the conversation between two applications. Under normal circumstances, the application that initiates a session sends a TCP SYN synchronization packet to the receiving application. The receiver sends back a TCP SYN-ACK acknowledgment packet and then the initiator responds with an ACK acknowledgment. After this handshake, the applications are set to send and receive data.But a SYN attack floods a targeted system with a series of TCP SYN packets. Each packet causes the targeted system to issue a SYN-ACK response. While the targeted system waits for the ACK that follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on what is known as a backlog queue. This backlog queue has a finite length that is usually quite small. Once the queue is full, the system will ignore all incoming SYN requests. SYN-ACKs are moved off the queue only when an ACK comes back or when an internal timer (which is set at relatively long intervals) terminates the three-way handshake.A SYN attack creates each SYN packet in the flood with a bad source IP address, which under routine procedure identifies the original packet. All responses are sent to the source IP address. But a bad source IP address either does not actually exist or is down; therefore the ACK that should follow a SYN-ACK response will never come back. This creates a backlog queue that's always full, making it nearly impossible for legitimate TCP SYN requests to get into the system.
Firewall vendors such as Checkpoint, Cisco, and Raptor have incorporated features into their products to shield your downstream systems from SYN attacks. In addition, your firewall should make sure that outbound packets contain source IP addresses that originate from your internal network, so that source IP addresses can't be forged (or spoofed) from the network.
Among the known source IP addresses that you should filter are 10.0.0.0 to 10.255.255.255, 127.0.0.0 to 127.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255.
Smurf Attack
A lot more dangerous than any initiative launched by their cartoon namesakes, the Smurf attack is a brute-force attack targeted at a feature in the IP specification known as direct broadcast addressing. A Smurf hacker floods your router with Internet Control Message Protocol (ICMP) echo request packets (pings). Since the destination IP address of each packet is the broadcast address of your network, your router will broadcast the ICMP echo request packet to all hosts on the network. If you have numerous hosts, this will create a large amount of ICMP echo request and response traffic.If a hacker chooses to spoof the source IP address of the ICMP echo request packet, the resulting ICMP traffic will not only clog up your network--the "intermediary" network--but will also congest the network of the spoofed source IP address--known as the "victim" network.To prevent your network from becoming the intermediary, you can turn off broadcast addressing if your router allows it (unless you need it for multicast features, which haven't been fully defined yet), or you can let your firewall filter the ICMP echo request. To avoid becoming the victim of a Smurf attack, you must have an upstream firewall--preferably a border router--that can either filter ICMP echo responses or limit echo traffic to a small percentage of overall network traffic
UDP Flood
The User Datagram Protocol (UDP) Flood denial-of-service attack also links two unsuspecting systems. By spoofing, the UDP Flood attack hooks up one system's UDP chargen service, which for testing purposes generates a series of characters for each packet it receives, with another system's UDP echo service, which echoes any character it receives in an attempt to test network programs. As a result, a nonstop flood of useless data passes between the two systems.To prevent a UDP Flood, you can either disable all UDP services on each host in your network or--easier still--have your firewall filter all incoming UDP service requests. Since UDP services are designed for internal diagnostics, you could probably get by with denying UDP service access from the Internet community. But if you categorically deny all UDP traffic, you will rebuff some legitimate applications, such as RealAudio, that use UDP as their transport mechanism.

Land Attack:

In a Land attack--a simple hybrid of the SYN attack--hackers flood SYN packets into the network with a spoofed source IP address of the targeted system. Even with SYN fixes in place, a Land attack can cause problems for some systems. Although this type of attack is new, most OS vendors provide fixes.Another way to defend your network against the Land attack is to have your firewall filter out all incoming packets with known bad source IP addresses. Packets that come into your system with source IP addresses that identify them as generated from your internal system are obviously bad. Filtering packets will neutralize exposure to the Land attack.
Reply
seminar flower
Super Moderator
******

Posts: 10,120
Joined: Apr 2012
#5
29-09-2012, 11:31 AM

Ping of Death Seminar on Denial Of Service


.pdf   ping of death(denial of service).pdf (Size: 154.52 KB / Downloads: 24)

Abstract

The Ping of Death uses a ping system utility to create an IP packet that exceeds the maximum 65,536 bytes of data allowed by the IP specification. The oversize packet is then sent to an unsuspecting system. Systems may crash, hang, or reboot when they receive such a maliciously crafted packet. This attack is not new, and all OS vendors have fixes in place to handle the oversize packets.

Teardrop

The recently developed Teardrop attack exploits weaknesses in the reassembly of IP packet fragments. During its journey through the Internet, an IP packet may be broken up into smaller chunks. Each fragment looks like the original IP packet except that it contains an offset field that says, for instance, "This fragment is carrying bytes 600 through 800 of the original (nonfragmented) IP packet." The Teardrop program creates a series of IP fragments with overlapping offset fields. When these fragments are reassembled at the destination host, some systems will crash, hang, or reboot.

SYN Attack :

Weaknesses in the TCP/IP specification leave it open to SYN attacks, executed during the three-way handshake that kicks off the conversation between two applications. Under normal circumstances, the application that initiates a session sends a TCP SYN synchronization packet to the receiving application. The receiver sends back a TCP SYN-ACK acknowledgment packet and then the initiator responds with an ACK acknowledgment. After this handshake, the applications are set to send and receive data.But a SYN attack floods a targeted system with a series of TCP SYN packets. Each packet causes the targeted system to issue a SYN-ACK response. While the targeted system waits for the ACK that follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on what is known as a backlog queue. This backlog queue has a finite length that is usually quite small. Once the queue is full, the system will ignore all incoming SYN requests. SYN-ACKs are moved off the queue only when an ACK comes back or when an internal timer (which is set at relatively long intervals) terminates the three-way handshake.A SYN attack creates each SYN packet in the flood with a bad source IP address, which under routine procedure identifies the original packet. All responses are sent to the source IP address. But a bad source IP address either does not actually exist or is down; therefore the ACK that should follow a SYN-ACK response will never come back. This creates a backlog queue that's always full, making it nearly impossible for legitimate TCP SYN requests to get into the system.

UDP Flood

The User Datagram Protocol (UDP) Flood denial-of-service attack also links two unsuspecting systems. By spoofing, the UDP Flood attack hooks up one system's UDP chargen service, which for testing purposes generates a series of characters for each packet it receives, with another system's UDP echo service, which echoes any character it receives in an attempt to test network programs. As a result, a nonstop flood of useless data passes between the two systems.To prevent a UDP Flood, you can either disable all UDP services on each host in your network or--easier still--have your firewall filter all incoming UDP service requests. Since UDP services are designed for internal diagnostics, you could probably get by with denying UDP service access from the Internet community. But if you categorically deny all UDP traffic, you will rebuff some legitimate applications, such as RealAudio, that use UDP as their transport mechanism.
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Message
Type your reply to this message here.


Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  web spoofing full report computer science technology 13 8,914 20-05-2016, 11:59 AM
Last Post: Dhanabhagya
  REDTACTON A SEMINAR REPORT project girl 2 535 25-04-2016, 03:58 PM
Last Post: mkaasees
  seminar report on cyber terrorism pdf jaseelati 0 308 23-02-2015, 01:49 PM
Last Post: jaseelati
  microwind software free download jaseelati 0 260 23-02-2015, 12:47 PM
Last Post: jaseelati
  seminar report on internet of things jaseelati 0 361 29-01-2015, 04:51 PM
Last Post: jaseelati
  nano ic engine seminar report jaseelati 0 299 21-01-2015, 01:43 PM
Last Post: jaseelati
  google glass seminar report pdf jaseelati 0 326 21-01-2015, 01:41 PM
Last Post: jaseelati
  rolltop laptop seminar report jaseelati 0 273 17-01-2015, 03:15 PM
Last Post: jaseelati
  wireless video service in cdma systems wikipedia jaseelati 0 371 13-01-2015, 04:29 PM
Last Post: jaseelati
  credit card fraud detection using hidden markov model project download jaseelati 0 276 10-01-2015, 01:34 PM
Last Post: jaseelati