Any time you make resources publicly accessible over the Internet or even to a small community over an internal network, it is important to consider the risk of denial-of-service (DoS) attacks. DoS attacks can be frustrating and can be very costly at times. Worst of all, these threats can often be some of the most difficult ones to mitigate. To be able to properly assess the threat to your network and information resources, you must understand the types of DoS threats that exist and the trends associated with them. This chapter will include the following recipes to evaluate DoS threats:

• Fuzz testing to identify buffer overflows
• Remote FTP service buffer overflow DoS
• Smurf DoS attack
• DNS amplification DoS attack
• SNMP amplification DoS attack
• SYN flood DoS attack
• Sock stress DoS attack
• DoS attacks with Nmap NSE
• DoS attacks with Metasploit
• DoS attacks with the exploit database