Which of the following attacks impact the availability of a system? (Select TWO).
A.
Smurf
B.
Phishing
C.
Spim
D.
DDoS
E.
Spoofing
Explanation:
A smurf attack is a type of network security breach in which a network connected to the Internet is
swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an
Internet broadcast address. These are special addresses that broadcast all received messages to
the hosts connected to the subnet. Each broadcast address can support up to 255 hosts, so a
single PING request can be multiplied 255 times. The return address of the request itself is
spoofed to be the address of the attacker’s victim. All the hosts receiving the PING request reply to
this victim’s address instead of the real sender’s address. A single attacker sending hundreds or
thousands of these PING messages per second can fill the victim’s T-1 (or even T-3) line with ping
replies, bring the entire Internet service to its knees.
Smurfing falls under the general category of Denial of Service attacks — security attacks that don’t
try to steal information, but instead attempt to disable a computer or network.
A Distributed Denial of Service (DDoS) attack is an attack from several different computers
targeting a single computer.
One common method of attack involves saturating the target machine with external
communications requests, so much so that it cannot respond to legitimate traffic, or responds so
slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload.
A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or
resources of a targeted system, usually one or more web servers. Such an attack is often the
result of multiple compromised systems (for example a botnet) flooding the targeted system with
traffic. When a server is overloaded with connections, new connections can no longer be
accepted. The major advantages to an attacker of using a distributed denial-of-service attack arethat multiple machines can generate more attack traffic than one machine, multiple attack
machines are harder to turn off than one attack machine, and that the behavior of each attack
machine can be stealthier, making it harder to track and shut down. These attacker advantages
cause challenges for defense mechanisms. For example, merely purchasing more incoming
bandwidth than the current volume of the attack might not help, because the attacker might be
able to simply add more attack machines. This after all will end up completely crashing a website
for periods of time.