Home > Privacy, Security, Encryption > Sockstress: a New and Effective DoS AttackSockstress: a New and Effective DoS Attack David Adams 2008-10-07 Privacy, Security, Encryption 7 Comments“Denial of Service attacks aren’t new, yet they persist in being effective methods of denying access to resources on the Internet. Now meet Sockstress, the newest version of DoS attacks and potentially the most devastating of the bunch.” About The Author David AdamsFollow me on Twitter @david_adams 7 Comments Bill Shooter of Bul 2008-10-07 4:15 pm EST Fydoor was explaining the typical DOS attack. Nothing really new with that. He also explained the different ways to selectively target resources to bring down the machine. I don’t think that’s particularly new either. As they haven’t published details, its difficult to tell what, if anything, makes it distinct. Soulbender 2008-10-07 4:23 pm EST and it’s even harder to asses if it’s “most devastating of the bunch.” without knowing jack about it.But hey, hype sells. Fahrbot 2008-10-08 7:29 am EST It’s actually very serious. What makes it new is that it’s easy to do and does not take much resources to accomplish the DoS attack. It is basically a way to get around the problem syn cookies was supposed to fix. If you want to learn more about it I suggest listening to episode #164 of Security Now. http://www.grc.com/securitynow.htm Soulbender 2008-10-08 8:00 am EST Oh yeah, GRC. A truly reliable source for security information. Gibson would never be caught hyping anything (raw sockets will doom the internet!) out of proportion. zombie process 2008-10-08 12:41 pm EST Steve is w/o a doubt a kook, but he’s also usually correct, even when he drastically overstates things. An unpopular opinion, I’m aware. obsidian 2008-10-08 9:20 am EST This sounds like such a simply-structured attack that I wouldn’t mind betting that OpenBSD took care of this about five years ago. Given that apparently all that is required to foil it is to block the offending IP address, pf would look at an “attack” like this and say “come on now, gimme something hard to do….” bert64 2008-10-08 9:22 am EST There was a tool called 3wahas that does exactly this, and was released many years ago, back in the late 90s if i remember.