Understanding and surviving DDoS attacks
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to exhaust a computer resource intended for its users. Even though the means of execution, motives for, and targets of an attack may vary, it generally consists of the concerted, malevolent efforts of a person or persons to prevent a website or service from serving its clients efficiently or at all, temporarily or indefinitely.
Perpetrators of DDoS attacks generally target services or sites located on high-profile web servers such as credit card processing gateways, banks, and even DNS root servers.
One common method of attack involves saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable.
In general terms, DDoS attacks are implemented by forcing the targeted computer(s) to reset, by consuming their resources so that they can no longer provide their intended service, or by obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
Methods
The five basic types of attack are:
1. Consumption of computational resources, such as bandwidth, disk space, or processor time.
2. Disruption of configuration information, such as routing information.
3. Disruption of state information, such as unsolicited resetting of TCP sessions.
4. Disruption of physical network components.
5. Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
A DoS attack may include execution of malware intended to:
Max out the processor's usage, preventing any work from occurring.
Trigger errors in the microcode of the machine.
Trigger errors in the sequencing of instructions, so as to force the computer into an unstable state or lock-up.
Exploit errors in the operating system to cause resource starvation and/or thrashing, i.e. to use up all available facilities so no real work can be accomplished.
Crash the operating system itself.
iFrame (D)DoS, in which an HTML document is made to visit a webpage with many kilobytes of information many times, until the number of visits exceeds the bandwidth limit.
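The iFrame case above exhausts a bandwidth limit through repeated loads of one large page, and when those loads come from many browsers a per-IP rate limit sees nothing unusual. The following added example (not part of the original page) groups access-log bytes by Referer and path to surface it; the Combined Log Format, the host names, the quota and the log lines are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Combined Log Format (assumed): ip - - [time] "request" status bytes "referer" ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} (?P<bytes>\d+|-) "(?P<referer>[^"]*)"'
)

def constructed_log():
    """Constructed sample: 40 browsers load /big.html through one embedding
    page, 3 direct hits on /index.html, and one unparseable line."""
    fmt = ('{ip} - - [05/Feb/2012:06:00:{s:02d} -0500] "GET {p} HTTP/1.1" '
           '200 {b} "{r}" "Mozilla/5.0"')
    lines = [fmt.format(ip=f"198.51.100.{i}", s=i, p="/big.html", b=480000,
                        r="http://embedder.example/page") for i in range(1, 41)]
    lines += [fmt.format(ip=f"203.0.113.{i}", s=i, p="/index.html", b=12000,
                         r="-") for i in range(1, 4)]
    return lines + ["truncated line that does not parse"]

def bandwidth_by_referer(lines):
    """Map (referer, path) -> bytes served, hit count and distinct client IPs."""
    stats = defaultdict(lambda: {"bytes": 0, "hits": 0, "ips": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["bytes"] == "-":   # skip garbage and bodiless responses
            continue
        entry = stats[(m["referer"], m["path"])]
        entry["bytes"] += int(m["bytes"])
        entry["hits"] += 1
        entry["ips"].add(m["ip"])
    return stats

def flag_embedded_floods(lines, own_host, quota_bytes, share=0.5):
    """Return (referer, path, bytes, distinct_ips) for third-party referers
    that account for at least `share` of the bandwidth quota."""
    flagged = []
    for (referer, path), e in bandwidth_by_referer(lines).items():
        host = urlsplit(referer).hostname
        if host is None or host == own_host:   # no referer, or our own pages
            continue
        if e["bytes"] >= share * quota_bytes:
            flagged.append((referer, path, e["bytes"], len(e["ips"])))
    return sorted(flagged, key=lambda f: f[2], reverse=True)

if __name__ == "__main__":
    for hit in flag_embedded_floods(constructed_log(), "www.example.org", 30_000_000):
        print(hit)
```

In the constructed sample every client IP makes exactly one request, so the embedding page is only visible once traffic is grouped by Referer.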
Surviving attacks
The easiest way to survive an attack is to have planned for the attack. Having a separate emergency block of IP addresses for critical servers with a separate route can be invaluable.
A separate route (perhaps a DSL) is not that extravagant, and it can be used for load balancing or sharing under normal circumstances and switched to emergency mode in the event of an attack.
Filtering is often ineffective, as the route to the filter will normally be swamped, so only a trickle of traffic will survive.
Armoraid DDoS filtering solution is the most effective way to be protected from a sudden DDoS attack.