Wondering if anyone can help me out with this question. How does DOS effect the internal and external users? What would be some examples?
2007-01-09 14:39:43 · 1 answers · asked by Anonymous in Computers & Internet ➔ Security
A great question that I can break down for you in a matter of a few paragraphs:
DOS can be a nasty thing and pose an avenue of attacks to overwhelm vital services on a machine. It can also be used to shut down mail servers. It can attack a vulnerable web server that isn't configured correctly by attempting to connect to it sometimes 100's times a minute. Hackers use DOS to not necessarily infiltrate and collect data, but cost business thousands of dollars for downtime to mission critical systems.
DOS can effect External users who depend on a public webserver on your external network to be up in functional. Web Servers that are public should always have a border router in front of them to prevent them from easy attacks. The router offers some protection by using ACL's (Access Control Lists) to regulate what types of packet can reach public webservers that are located in "DMZ" Demilitarized Zones. Imagine a DMZ as zoned off portion of the network where publicly accessible servers reside. Webservers that are publicly accessible should never be able to communicate with your Intranet which is your internal network. By separating your internal and external networks with a Firewall, a hacker that breaks into the webserver that is public should not be able to easily penetrate your internal network, and the damage caused will be minimal in most cases.
If you had a public webserver that was sitting on your Internal network which was behind a firewall and not in a DMZ, you would still be at great risk because the hacker, can easily connect to the public webserver through open ports form the Internet. From the webserver that is internal he would be able to run DOS and attack the entire network and internal users as well.
So the reason to implement a DMZ to protect against DOS is as follows:
DMZ's are in place behind border routers to segment external users which are only allowed to connect to servers that are accessible to the public. External users over the Internet should not have the ability to access private webservers that reside internally on the Intranet. There is more example of DOS attacking mail-servers as another example as well. Good luck if you have anymore questions let me know.
V/R,
Skully da Network Security Engineer
2007-01-09 17:20:48 · answer #1 · answered by SKULL 4 · 0⤊ 0⤋