These types of attacks flood the network to the point where legitimate subscribers can
no longer gain access to the communications services they need, eventually leading to
the shutdown of many systems when they reach their capacity for traffic.
One way of accomplishing this today is to send a request with a false or spoofed IP
address and corresponding VIA header making it look like it came from a legitimate
subscription. Sending the request to many different entities within the network would
result in a flood of responses network-wide.
For example, in an IMS domain, the CSCFs would receive the message, recognize
that the IP address was invalid, and respond with a 4xx error response. If the message
were routed to many different portions of the network, this would result in numerous
CSCF functions receiving and responding to the message, causing the congestion in
responses.
Of course a DoS attack could just as easily be something as simple as launching millions
of session requests at one time, using a call generator or computer. The end result
would of course be instant congestion in the network, and the denial of service to all
devices attempting connection.
This is actually much easier than most would like to believe. Through the use of BOTs
and a BOTNET, millions of calls could be generated into the network simultaneously
under one command, resulting in a widespread DoS attack on the entire network.
Pages:
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294