Home > Privacy, Security > Sockstress: a New and Effective DoS AttackSockstress: a New and Effective DoS Attack David Adams 2008-10-07 Privacy, Security 7 Comments“Denial of Service attacks aren’t new, yet they persist in being effective methods of denying access to resources on the Internet. Now meet Sockstress, the newest version of DoS attacks and potentially the most devastating of the bunch.”About The Author David AdamsFollow me on Twitter @david_adams 7 Comments 2008-10-07 4:15 pm Bill Shooter of BulFydoor was explaining the typical DOS attack. Nothing really new with that. He also explained the different ways to selectively target resources to bring down the machine. I don’t think that’s particularly new either. As they haven’t published details, its difficult to tell what, if anything, makes it distinct. 2008-10-07 4:23 pm Soulbenderand it’s even harder to asses if it’s “most devastating of the bunch.” without knowing jack about it.But hey, hype sells. 2008-10-08 7:29 am FahrbotIt’s actually very serious. What makes it new is that it’s easy to do and does not take much resources to accomplish the DoS attack. It is basically a way to get around the problem syn cookies was supposed to fix. If you want to learn more about it I suggest listening to episode #164 of Security Now. http://www.grc.com/securitynow.htm 2008-10-08 8:00 am SoulbenderOh yeah, GRC. A truly reliable source for security information. Gibson would never be caught hyping anything (raw sockets will doom the internet!) out of proportion. 2008-10-08 12:41 pm zombie processSteve is w/o a doubt a kook, but he’s also usually correct, even when he drastically overstates things. An unpopular opinion, I’m aware. 2008-10-08 9:20 am obsidianThis sounds like such a simply-structured attack that I wouldn’t mind betting that OpenBSD took care of this about five years ago. Given that apparently all that is required to foil it is to block the offending IP address, pf would look at an “attack” like this and say “come on now, gimme something hard to do….” 2008-10-08 9:22 am bert64There was a tool called 3wahas that does exactly this, and was released many years ago, back in the late 90s if i remember.