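Local DoS Attacks
DoS attacks can be launched both locally and remotely. They generally work by degrading process and storage capacity, corrupting files so that resources become unavailable, or shutting down part of the system or of its processes. Local attacks usually take one of three forms: process degradation, disk space exhaustion, and index node (inode) exhaustion.
(1) Process Degradation
The attacker starts a large number of processes to use up the host's resources, filling the system process table or overloading the CPU. For example, on Linux kernels before 2.4.12, creating deep symbolic links was enough to block process scheduling, so that other processes got no CPU time. The source of the mklink.sh script follows: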
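Another form of local DoS is the fork bomb, which affects many systems and can be implemented very simply in shell or C, for example:
($0 & $0 &) //shell implementation
(main(){for(;;)fork();}) //C implementation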
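(2) Disk Space Exhaustion
This type of attack includes preventing new files from being created and existing files from growing. Some UNIX operating systems crash when the root partition reaches its storage limit, so many administrators create a separate partition for logs, such as /var, and a separate partition for users, such as /home. Where this has not been done, a hacker may take advantage of it by generating large volumes of log entries through syslog to fill the partition.
Such an attack is easy: with the single simple command below, a local user can write zeros into the file maliciousfile until the user stops it or the partition is full.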
cat /dev/zero > ~/maliciousfile
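This kind of attack can also be carried out through mail bombing, although mail is easily traced through its SMTP headers.
(3) Inode Exhaustion
This kind of attack generally targets specific file systems, particularly UNIX file systems. It occurs when all available inodes are used up.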
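A defender-side check for the two resources in sections (2) and (3), as an added example that is not part of the original article: it reads statvfs counters and flags a partition whose blocks or inodes are nearly exhausted, including the case where space is free but no inodes remain. The thresholds, mount names and sample values are assumptions constructed for illustration.

```python
import os
from types import SimpleNamespace

def pct_used(total, avail):
    """Percent of a resource not available to unprivileged users (None if not reported)."""
    if total == 0:          # some filesystems do not report an inode count
        return None
    return 100.0 * (total - avail) / total

def check_fs(st, warn=80.0, crit=95.0):
    """Return (resource, level, percent) findings for one statvfs result."""
    findings = []
    # f_bavail/f_favail exclude root-reserved space, which is the limit a local user hits.
    for name, total, avail in (("blocks", st.f_blocks, st.f_bavail),
                               ("inodes", st.f_files, st.f_favail)):
        p = pct_used(total, avail)
        if p is None:
            continue
        if p >= crit:
            findings.append((name, "CRITICAL", round(p, 1)))
        elif p >= warn:
            findings.append((name, "WARNING", round(p, 1)))
    return findings

def check_mounts(paths, statvfs=os.statvfs):
    """Map each mount point to its findings; statvfs is injectable for testing."""
    report = {}
    for path in paths:
        try:
            report[path] = check_fs(statvfs(path))
        except OSError as exc:
            report[path] = [("statvfs", "ERROR", str(exc))]
    return report

# Constructed sample values (not measurements from a real host).
SAMPLES = {
    # log partition almost out of blocks
    "/var": SimpleNamespace(f_blocks=1_000_000, f_bavail=30_000, f_files=65_536, f_favail=60_000),
    # 90% of the space free, but no inodes left: new files still cannot be created
    "/home": SimpleNamespace(f_blocks=1_000_000, f_bavail=900_000, f_files=65_536, f_favail=0),
    # filesystem that reports no inode total
    "/data": SimpleNamespace(f_blocks=1_000_000, f_bavail=150_000, f_files=0, f_favail=0),
}

if __name__ == "__main__":
    for mount, findings in check_mounts(SAMPLES, statvfs=SAMPLES.__getitem__).items():
        print(mount, findings or "ok")
```

On a real host, call check_mounts(["/", "/var", "/home"]) with the default os.statvfs.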