Basic Targets


.B. SOME BASIC TARGETS FOR AN ATTACK

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.B.1. SWAP SPACE

----------------

Most systems have several hundred Mbytes of swap space to service client requests. The swap space is typically used for forked child processes which have a short lifetime. Under normal conditions the swap space will therefore almost never be used heavily. A denial of service could be based on a method that tries to fill up the swap space.

.B.2. BANDWIDTH

---------------

If the bandwidth usage is too high the network will be useless. Most denial of service attacks influence the bandwidth in some way.

.B.3. KERNEL TABLES

-------------------

It is trivial to overflow the kernel tables, which will cause serious problems on the system. Systems with write-through caches and small write buffers are especially sensitive. Kernel memory allocation is also a sensitive target. The kernel has a kernelmap limit; if the system reaches this limit it cannot allocate more kernel memory and must be rebooted. Kernel memory is not only used for RAM, CPUs, screens and so on, it is also used for ordinary processes. This means that any system can be crashed, and with a mean (or in some sense good) algorithm pretty fast. On Solaris 2.X the sar command measures and reports how much kernel memory the system is using, but SunOS 4.X has no such command, which means that under SunOS 4.X you cannot even get a warning. If you use Solaris, run sar -k 1 to get the information. netstat -k can also be used and shows how much memory the kernel has allocated in the subpaging.

.B.4. RAM

---------

A denial of service attack that allocates a large amount of RAM can cause a great deal of problems. NFS and mail servers are actually extremely sensitive because they do not need much RAM and therefore often don't have much RAM. An attack on an NFS server is trivial. The normal NFS client will do a great deal of caching, but an NFS client can be anything, including a program you wrote yourself...

.B.5. DISKS

-----------

A classic attack is to fill up the hard disk, but an attack on the disks can be so much more. For example, an overloaded disk can be misused in many ways.

.B.6. CACHES

-------------

A denial of service attack involving caches can be based on a method to block the cache or to avoid the cache. These caches are found on Solaris 2.X:

  • Directory name lookup cache: Associates the name of a file with a vnode.
  • Inode cache: Caches information read from disk in case it is needed again.
  • Rnode cache: Holds information about the NFS filesystem.
  • Buffer cache: Caches inode, indirect block and cylinder related disk I/O.

.B.7. INETD

-----------

Once inetd has crashed, all other services running through inetd will no longer work.

© 1999 - 2008, MultiMedia SRL