What is DDOS and How You Can Better Protect Yourself From This Dangerous Attack

DDOS is a term which means distributed denial-of-service. It is also known as a crash or smurf. It’s an attack which happens on a software level per se because your site is rendered useless temporarily or permanently through incoming requests.

This eventually turns into an attack that can be big enough to slow down your site’s function, consume it’s resources or even stop it from communicating effectively online. In this case, it’s paralyzed. Check out Encyclopaedia Dramatica which goes into detail with humorous pictures about how a denial of service works or even Cert’s article on DDOS and what you can do about it. CNet also wrote about the difference between connections so you know what’s a regular request, a DDOS and one that’s filtered to protect you from a DDOS attack.

DDoS Attack depictionHackers tend to use this type of attack and it even has spawned different variations as attacks become more sophisticated towards more intelligent systems. Dmitry Tarkanov talks about Black DDOS over at SecureList and explains how one type of DDOS process works. Team Cymru also provides you in-depth reading towards DDOS Basics in their whitepapers section. Jelena Mirkovic also has written a journal on A Taxonomy of DDoS Attack and Defenses. There’s also a cheatsheet towards considering, preparing and analyzing DDOS if they do occur from Lenny Zeltser.

The thing is these types of attacks are being created everyday to test systems as well. So if you think of it in terms of lab experiments, it takes on a nightmare of it’s own in the real world. It’s essential to know what’s going on to protect your site from future losses.

To put it into perspective, here’s what happened and what’s going on right now in the world:

  • PCs Used in Korean DDoS Attacks May Self Destruct
  • DDoS Attackers Continue Hitting Twitter, Facebook, Google
  • Did Russia Launch  A DDoS Against Twitter, Facebook, YouTube and LiveJournal in Order to Silence One User?
  • Guilty Plea in ‘Anonymous’ DDoS Scientology Attack

These examples are enough to show you on a global scale how dangerous DDOS attacks can be. I would think my site has nothing to give to hackers and they have no reason to attack my site. But then again, if I had created enemies, DDOS is a great way to render my voice useless via bringing my site down.

This is a dangerous problem in the online world today. While you may think that your site is not susceptible to DDOS attacks, think again. Sites are being hit everyday and a lot of money are being lost because of it. A LOT!

DDOS Attack cartoonBefore we go all Sherlock Holmes and point the finger at a recent conversation we’ve been in which might of resulted in your site’s downtime, let’s backtrack. Look at the evidence and the facts on what’s really going on.

What’s your host saying? Some things are coincidental and some things are beyond our imagination in doing. If you can imagine it, it’s possible but is the attacker whom you’re pinpointing your blame towards capable of such technical know how?

I would think not. But then again, I could be wrong. It only takes a program, a few plugins or some modifications which loads the script you want and attack! There goes your site.

Reality Check, Another Side to DDoS

On the other hand, let’s not get ahead of the real problem and that is:

  • your site is still down
  • your host is trying to fix it via a hardware issue (or so they say, my downtime article explains this)
  • your site is now experiencing a DDOS

Contrary to downtime, the hit towards my web host produced the status below.

Server Status DDOSWhat is really going on?

Servers can experience issues when they are upgraded and normally these issues would include a few things – exploits, buffers or holes. Microsoft is notorious for this because they’re always distributing patches which covers up the security holes we so frequently have. Thus, you might be familiar with their security updates.

Software in general is not very streamlined to handle all tasks. Programmers kind of take it as it come to make the future versions better. So if you often see something like a changalog or a log of changes which shows the bugs and the modifications repaired, you’ll understand that documentation of work is an ongoing process much like downtime.

The thing is these problems can also create a DDOS via hardware issues. So rather than having the granduer notion of being attacked by a hacker. Think of it in terms of a software program which is written incorrectly and not really tested accordingly.

It’s the main reason beta versions are released everyday so that users can challenge the programmers in which they can finalize products. Some hosting providers now will allow you to purchase a premium service which will attach itself to your server’s DNS and bounce off DDOS attacks if detected. That might be something to consider if going big is something you want with your site.

Here are some resources to better educate you on DDOS. I’ve mentioned them in the beginning of the article but I’ll list them here again for your convenience.

Bir cevap yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir