This movie explains how multiple attack sources can be collected and targeted to create a distributed denial of service, as well how botnets are used to achieve this.
- [Voiceover] This course explains and demonstrates how a denial of service happens, and to do this, we'll use a virtual environment to make sure that our testing is as much as possible in its own sandbox. In addition, I've positioned a real Windows 10 host outside the sandbox to enable testing across networks. Let's take a look at the virtual environment. Here we have the VirtualBox manager and in it a list of hosts that we'll use for the testing. If you're not familiar with this environment, check out my Introduction to Kali Linux course in which I provide full details on installing and using VirtualBox.
The first host listed in the test environment is my Kali system. This is where most of my testing tools reside. Kali doesn't have a specific category for denial of service in it applications menu, but it has most of the tools already installed. I'll be using the tools from the command line in a terminal window, and where necessary, I'll be downloading and installing them. A list of the tools to be installed is in your Exercise Folder, so that you can pre-install them to save time as you go through the course.
I'll just run ifconfig to check the IP address for this host. We can see that it's 10.0.2.4. The next host listed is Metaspoitable. This is a Debian distribution which is deliberately weakened to support testing. I'm at the Metasploitable command line, and we can check out what services it exposes. This version of Debian doesn't support the services command, so I'll just check with Nmap what ports and services we have open.
We do this by entering nmap -PS 127.0.0.1. OK, that shows us a number of services available, including STP, SSH, Telnet, SMTP, HTTP, and MySQL. I'll just use ifconfig to check the IP address for this host. And we can see that it's 10.0.2.6.
We then go to Windows 7 system, which is used both to run Windows-based tools, but also to be a Windows 7 target. If we look at the right-hand panel under Shared folders, we can see that we have a shared folder in the host machine called VMShare. OK, we're now in the Windows 7 system, and if I press Windows-E I can get the directory listing and see VMShare has been mounted as E:. I'll open a command shell and check the IP address by typing ipconfig.
We can see the address is 10.0.2.10. OK, let's move on. Finally we have an Ubuntu server. OK, I'm at the Ubuntu prompt, and can again run ifconfig to check its IP address. I can see this server is 10.0.2.9 I'll run the service command and we can see it has a number of active services with a plus sign next to them, including NTP.
I'll be using this as my NTP server later in the course. That's the virtual environment, but there's also a Windows 10 external host. I can't access it via VirtualBox, but can do that using a remote access program called VNC to manage the system. The IP address for this system is 192.168.1.8. This is a Windows 10 server that runs an Atom processor, so it's a useful target for testing.
Note: Our Ethical Hacking series will map to the 18 parts of the EC-Council's certification exam. This course maps to the 09 Denial of Service domain.
- What is denial of service?
- SYN flooding
- Smurf and URL flooding
- Deauthenticating a wireless host
- Flooding HTTP
- Using BlackEnergy
- Flooding SIP
- Detecting DoS with PeerShark
- Defeating DoS attacks