What is a DDoS attack and how to stop it?

DDoS

Lately DDoS attacks have been on the agenda. After the closure of Megaupload, the Anonymous collective lay back by this technique places the US Department of Justice and Universal, among others.

But in what really is a DDoS attack? What affects the server, and what effects can it cause? How effective is a DDoS attack as a means of protest? In this article we will attempt to explain these issues easily.

What is a DDoS attack?

DDoS stands for Distributed Denial of Service. The translation is “distributed denial of service attack” and retranslated means that the server is attacked from many computers to stop working.

DDoS
Image Source: Google Image

But still this does not lead us much about what a DDoS. To explain I’ll use a simple analogy in which our server is an auxiliary that serves people in a window.

Our assistant is very efficient and is able to accommodate several people at once without breaking a sweat: it is its normal load. But one day begin to get hundreds of people to the window to ask for things to our aid. And like any normal human, when busy nagging can not serve all and start addressing slower than normal. If he comes even more people will probably end up noses, it will leave the window and no longer serve anyone else.

On the server is the same: when there are too many requests it runs out of resources, it hangs and stops working . You may goes directly or just stop responding connections.Either of the two forms, the server does not return to normal until the attack stops, either because the attackers have stopped or because I managed to block illegitimate connections (see later how) and restart everything has stopped working.

This is the basic concept of DDoS, but can be modified to make it more effective. For example, you can send the data very slowly causing the server consume more resources per connection.

How it is carried out a DDoS attack?

As the basic concept of DDoS is simple, make attacks is relatively easy. In fact, it would be that there was a large enough number of people recharging the web continuously to throw. However, the tools that are commonly used are somewhat more complex .

With them you can create many simultaneous connections or altered send packages with techniques that I said before. They also allow change packages as source IP putting a fake IP, so that they can not detect who the real attacker .

Another technique for carrying out the DDoS is to use botnets: networks infected by a Trojan and an attacker can remotely control computers. In this way, cluttering the server computers are people who do not know they are participating in a DDoS attack, so it is harder to find the real attacker.

How does a DDoS to a web?

It depends on the attack and the server. The server can be protected against these attacks with filters to reject malformed or modified with false IP packets so that the server only legitimate packets will arrive. Of course, the measures are not infallible and the server can always finish saturated if the attack is sufficiently massive and well prepared.

To give you an idea of the volume required for a DDoS is effective, down have a graph representing traffic from a server over time. Traffic during the attack (green) is so great that just the normal server traffic is appreciated.

And what happens when the server is saturated? Simply becomes unavailable for a while until the attack stops. It is very difficult for physical damage to the server. In addition, the DDoS alone is not allowed to enter the server: this requires exploit a vulnerability, and that’s not easy.

So basically a DDoS can only bring down the web, nothing more . Depending on the type of web this can be a disaster or not. If the web generates money (online sales, advertising), the owner fails to make money while the web is down. Imagine the losses you can have Amazon, for example, if your page is down for one day.

But what happens when the page is simply informative, such as those of public institutions? The truth is that not much happens. The institution does not depend on the web to run. Instead they often use internal networks that are not accessible from the Internet, only from within the institution itself, so they are not affected by the attack. All that happens is that you want to see some information on that page will have some time expected to be available.

This inevitably leads me to ask the question: do they DDoS as a means of protest? The answer depends on the person, but I have my very clear position: no good.

We have seen that in websites that are not commercial DDoS has a very limited impact. The institution does not annoy too much and like too many people are not required to carry out the attack may say it is a “minority group” the protester.

But not only that they do not produce many positive effects: produce negative effects. The internet foreign people usually associate “hacking” with “hackers” and those with “dangerous people”. To give some court this association is very easy with no arguments disqualifying the protests, because who is going to support, discuss or listen to “dangerous people”?

In addition, this type of protest could be described as “violent” is a direct attack after all. And as always, if you protest in this way against any initiative, to support it refuse in round to listen.

More reviews on: http://savourytraveller.com/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.