常见DoS攻击

1、Figure 4-1 SYN Flood DoS Attack

SYN Flood DoS Attack is that the attacker will send TCP SYN packets in an attempt to make many half-open TCP connections. Memory is allocated for each false connection causing the victim to run out of memory and crash.
And SYN Flood DoS Attack can cash bots too, for bots cannot deal with so many acks.
When it comes to DDoS attack, a lot of bots are needed.

SYN洪泛攻击：不断发送 TCP SYN 报文，建立 TCP 半连接，消耗内存导致崩溃，这种攻击也会导致肉机的崩溃。注意，这里是DoS攻击，不是DDoS攻击，并不是分布式多机器参与攻击。

2、Figure 4-7 Peer-to-peer (P2P) redirect DoS attack

Peer-to-peer redirect attack uses many hosts’ P2P packages to overwhelm a victim using normal P2P traffic. The attacker needs to do is to convince the other users that the P2P server has changed to the victim host. And this action will induce the traffic to victim host.

P2P重定位攻击：让其他P2P用户相信 被攻击机器 是 P2P服务器，流量就会自动导过去。

3、Figure 4-8 Reflected DoS attack

The attacker sends spoofed requests to several servers. Servers then send all responses to the victim, so that the victim cannot deal with the traffic and then crash.

伪造受害机向很多服务器发送请求，服务器就会一起向受害机发送大量垃圾信息。

4、Figure 4-9 Smurf Flood

The attacker sends a spoofed ICMP request to a router, so that the router will Broadcast a message to all internal hosts. And internal hosts will send responses to the victim, so that the victim cannot deal with the traffic and then crash.

Smurf 洪泛攻击：攻击者发送虚假ICMP回送报文到路由器，源ip地址填写受害机，广播会使路由器回送请求到所有内网机器。内部机器一起回复受害机，就会崩溃。

5、Figure 4-16 ARP Poisoning

The attacker sends all internal hosts a continuous stream of spoofed ARP replies saying the gateway is at a wrong address. Hosts will change its arp map record the gateway’s IP address and nonexistent MAC address. Internal hosts will send all traffic intended for the gateway to the wrong address, and these package will be dropped, this procedure will cause the hosts are off line.

arp dos攻击：攻击者一直发送网关路由是错误的，主机就会把自己的路由表修改，这样发送的包都会被交换机丢弃，所以大家都连不上网了。