Understanding and surviving DDoS attacks
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to exhaust a computer's resources so that they are unavailable to its intended users. Even though the means of execution, motives for, and targets of an attack may vary, it generally consists of the concerted, malevolent efforts of a person or persons to prevent a website or service from serving its clients efficiently or at all, temporarily or indefinitely.
Perpetrators of DDoS attacks generally target services or sites located on high-profile web servers such as credit card processing gateways, banks, and even DNS root servers.
One common method of attack involves saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable.
In general terms, DDoS attacks are implemented either by forcing the targeted computer(s) to reset or to consume their resources so that they can no longer provide their intended service, or by obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
Methods
The five basic types of attack are:
1. Consumption of computational resources, such as bandwidth, disk space, or processor time.
2. Disruption of configuration information, such as routing information.
3. Disruption of state information, such as unsolicited resetting of TCP sessions.
4. Disruption of physical network components.
5. Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
A DoS attack may include execution of malware intended to:
Max out the processor's usage, preventing any work from occurring.
Trigger errors in the microcode of the machine.
Trigger errors in the sequencing of instructions, so as to force the computer into an unstable state or lock-up.
Exploit errors in the operating system to cause resource starvation and/or thrashing, i.e. to use up all available facilities so no real work can be accomplished.
Crash the operating system itself.
iFrame (D)DoS, in which an HTML document is made to visit a webpage containing many kilobytes of information many times, until the number of visits is high enough that the bandwidth limit is exceeded.
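One way to spot the iFrame (D)DoS pattern from the last item in a web server's access log is to total the bytes served per external referring page and flag any page that dominates the traffic. This is an added example, not code from the original page; the "combined" log format, the host names, the sample lines and the thresholds are all assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit
# Apache/nginx "combined" access-log format (assumed for this example).
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} (?P<bytes>\d+|-) "(?P<referer>[^"]*)" "[^"]*"')

def flag_embedding_referers(lines, own_host, min_hits=5, min_share=0.5):
    """Return (referer_host, path, hits, clients, bytes, share) tuples for
    external pages whose loads of a single path dominate the bytes served."""
    stats = defaultdict(lambda: {"hits": 0, "bytes": 0, "clients": set()})
    total = 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in the expected format
        sent = 0 if m["bytes"] == "-" else int(m["bytes"])
        total += sent
        ref_host = urlsplit(m["referer"]).hostname  # None for "-" or empty
        if not ref_host or ref_host == own_host:
            continue  # direct visits and same-site navigation are not embeds
        s = stats[(ref_host, m["path"])]
        s["hits"] += 1
        s["bytes"] += sent
        s["clients"].add(m["ip"])
    flagged = []
    for (host, path), s in stats.items():
        share = s["bytes"] / total if total else 0.0
        if s["hits"] >= min_hits and share >= min_share:
            flagged.append((host, path, s["hits"], len(s["clients"]),
                            s["bytes"], round(share, 2)))
    return sorted(flagged, key=lambda r: r[4], reverse=True)

def sample_log():
    """Constructed log: 8 clients load one 400 kB page via an external page."""
    fmt = ('{ip} - - [30/Jul/2010:00:00:{sec:02d} +0000] '
           '"GET {path} HTTP/1.1" 200 {size} "{ref}" "Mozilla/5.0"')
    lines = [fmt.format(ip=f"198.51.100.{i + 1}", sec=i, path="/gallery.html",
                        size=400000, ref="http://embedder.example/page.html")
             for i in range(8)]
    lines.append(fmt.format(ip="203.0.113.9", sec=20, path="/index.html",
                            size=20000, ref="-"))
    lines.append(fmt.format(ip="203.0.113.10", sec=21, path="/gallery.html",
                            size=400000, ref="http://www.example.org/index.html"))
    return lines

if __name__ == "__main__":
    print(flag_embedding_referers(sample_log(), "www.example.org"))
```

The Referer header is supplied by the client and may be missing, so treat a hit from this check as a lead to investigate rather than proof, and tune `min_hits` and `min_share` to the site's normal traffic.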
Surviving attacks
The easiest way to survive an attack is to have planned for the attack. Having a separate emergency block of IP addresses for critical servers with a separate route can be invaluable.
A separate route (perhaps a DSL line) is not that extravagant, and it can be used for load balancing or sharing under normal circumstances and switched to emergency mode in the event of an attack.
Filtering is often ineffective, as the route to the filter will normally be swamped, so only a trickle of traffic will survive.
The Armoraid DDoS filtering solution is the most effective way to be protected from a sudden DDoS attack.