Damn Dirty DoS Attacks - Dedicated To Your Destruction
(Page 3 of 4)
A distributed denial of service (DDoS) attack happens when multiple systems are compromised at once (effectively making them part of a botnet) using malicious techniques, such as malware and trojans. They are then used to flood the bandwidth of a system of web servers. The main difference between DDoS and DoS is that a distributed attack uses multiple systems to attack a target, whereas a standard DoS uses a single host. So it's no wonder that DDoS is the preferred method of attack: it generates more attack traffic and is much more difficult to defend against and stop.
One common distributed attack involves exploiting bugs in peer-to-peer servers. One interesting difference, though, is that these attacks don't use botnets. The attacker simply tells the peer-to-peer users to disconnect from the p2p network and connect to a chosen victim's website. Open the floodgates! A successful p2p attack will send several thousand hosts per second connecting to the target site, while a typical server can only handle a few hundred connections per second. Needless to say, the server will fail instantly, especially with up to a quarter of a million connections at a time.
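The single-host versus distributed distinction and the connection rates described above can be checked from a connection log. The following is an added example, not code from the original article: it buckets new connections per second, flags seconds that exceed an assumed server capacity, and shows why an assumed per-source rate limit contains a single-host flood but not a distributed one. The capacity, the limit, and the sample traffic are all constructed assumptions.

```python
from collections import Counter, defaultdict

CAPACITY_PER_SEC = 300   # assumed: "a few hundred connections per second"
PER_SOURCE_LIMIT = 20    # assumed per-IP rate limit, connections per second


def analyse(events, capacity=CAPACITY_PER_SEC, per_source=PER_SOURCE_LIMIT):
    """events: (unix_second, source_ip) per new connection; returns overload findings."""
    buckets = defaultdict(Counter)
    for second, src in events:
        buckets[second][src] += 1
    findings = []
    for second in sorted(buckets):
        per_src = buckets[second]
        total = sum(per_src.values())
        if total <= capacity:
            continue  # within what the server can handle
        top_src, top_count = per_src.most_common(1)[0]
        # Connections that would still get through a per-source rate limit.
        residual = sum(min(n, per_source) for n in per_src.values())
        findings.append({
            "second": second,
            "connections": total,
            "sources": len(per_src),
            "kind": "single-source" if top_count * 2 >= total else "distributed",
            "top_source": top_src,
            "after_per_source_limit": residual,
            "still_over_capacity": residual > capacity,
        })
    return findings


def constructed_sample():
    """Constructed traffic for illustration, not real data."""
    # Second 100: normal load, 50 clients with 2 connections each.
    events = [(100, f"192.0.2.{i}") for i in range(50) for _ in range(2)]
    # Second 101: one host opens 2000 connections (standard DoS).
    events += [(101, "198.51.100.7")] * 2000
    # Second 102: 3000 distinct hosts open one connection each (distributed).
    events += [(102, f"10.0.{i // 256}.{i % 256}") for i in range(3000)]
    return events


if __name__ == "__main__":
    for finding in analyse(constructed_sample()):
        print(finding)
```
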
A reflected attack is much like the ICMP/smurf attacks I mentioned earlier. The attacker once again “spoofs” the source address to that of the intended victim and sends communication requests to a large number of Internet servers, which then send their responses back. Of course, when this attack is distributed, the level of disruption and damage is multiplied by the number of hosts executing the attack.
Some distributed attacks can occur at the application level, such as with Internet Relay Chat. This usually happens when the maximum number of messages specified on the IRC server is exceeded and the messages are stored in a buffer until they can be sent. Once the buffer is filled, the user is automatically disconnected. A “banana attack” is another specific type of attack that involves sending a client's messages back to itself, thereby preventing it from communicating with outside sources and, of course, flooding the system. Finally, a fork bomb is an attack that can trigger a process to continually run other processes until the system shuts down.
This is just a sample of the number of DoS attacks that can be implemented at any given time. There are ways to prevent them from happening to you, but you'll have to move on to the next section to find out what they are.
More By Michael Lowry