What Are DDoS Attacks and Spybot?
Lately, many sites have been hit by DDoS attacks and spybots that cause server downtime. A DoS (Denial of Service) attack is a type of attack on a computer or server on the Internet that exhausts the resources owned by that computer until it can no longer function properly, thereby indirectly preventing other users from gaining access to the services of the attacked computer.
In a Denial of Service (DoS) attack, the attacker tries to prevent users from accessing a system or network in several different ways, including the following:
- Flooding the network with so much data that traffic coming from registered users is unable to enter the network. This technique is referred to as traffic flooding.
- Flooding a network service provided by a host with so many requests that requests coming from registered users cannot be served. This technique is referred to as request flooding.
- Interfering with communication between a host and its registered clients in many different ways, including changing system configuration information or even physically destroying components and servers.
The earliest form of Denial of Service attack was the SYN Flooding Attack, which first appeared in 1996 and exploits weaknesses in the Transmission Control Protocol (TCP). Other attacks were later developed to exploit vulnerabilities in operating systems, network services or applications so that the system, network service or application can no longer serve users, or even crashes.
Several tools for performing DoS attacks were developed afterwards (some of them freely available), including Bonk, LAND, Smurf, Snork, WinNuke, and Teardrop.
Nevertheless, attacks against TCP are the most frequent DoS attacks. This is because the other types of attack (such as filling up the hard disk of a system, locking out a valid user account, or modifying the routing table of a router) require penetrating the network first, and the chance of successful penetration is small, especially if the network has been hardened.
Distributed DoS attacks (DDoS Attack)
Distributed Denial of Service (DDoS) is a type of denial of service attack that uses multiple attacking hosts (either computers dedicated to the attack or computers “forced” into becoming zombies) to attack a single target host within a network.
The classic Denial of Service attack is “one on one”, so it takes a strong host (in terms of processing power or operating system) to flood the target host with traffic and prevent valid clients from accessing the network services of the targeted server. DDoS attacks use a more sophisticated technique than classic Denial of Service (DoS): they multiply the attack several times over by using multiple computers at once (distributed), which can leave a server or an entire network segment “not useful at all” for clients.
This type of DDoS attack first appeared in 1999, three years after the classic Denial of Service attack appeared, and used SYN Flooding, which caused some web servers on the Internet to experience “downtime”. In early February 2000, a major attack was carried out that caused several well-known websites such as Amazon, CNN, eBay, and Yahoo! to experience “downtime” for a few hours. A more recent attack was launched in October 2002, when nine of the 13 DNS root servers were attacked with a very large DDoS called “Ping Flood”.
At the peak of the attack, some of the servers received more than 150,000 Internet Control Message Protocol (ICMP) requests per second. Fortunately, because the attack lasted only half an hour, Internet traffic was not greatly affected (and not all of the servers were damaged).
In contrast to the very high complexity of its consequences (for the network and server administrators who must repair servers after the attack), the theory and practice of carrying out a DDoS attack are simple, as follows:
- Running a tool (usually a small program) that automatically scans the network to find vulnerable hosts connected to the Internet. After vulnerable hosts are found, the tool can install a kind of Trojan Horse called a DDoS Trojan, which turns the hosts into zombies that can be controlled remotely by a master computer used by the original attacker to launch an attack. Some of the tools used to carry out attacks such as this are TFN, TFN2K, Trinoo, and Stacheldraht, which can be downloaded for free on the Internet.
- When the attacker has gathered a sufficient number of hosts (as zombies) to carry out the attack, the attacker uses the master computer to signal an attack against the target network or target host. These attacks are usually carried out using some form of SYN Flood or another simple DoS scheme, but because they are performed by many zombie hosts, the amount of network traffic they create is very large, so it “devours” all the Transmission Control Protocol resources of the target computer or network and can cause the host or network to experience “downtime”.
Almost all computer platforms can be hijacked as zombies to carry out an attack like this. Popular systems such as Solaris, Linux, Microsoft Windows and several UNIX variants can become zombies if the system or the applications running on it have a weakness that attackers can exploit. Some examples of DoS attacks are:
- Buffer Overflow Attacks: sending data that exceeds the capacity of the system, e.g. very large ICMP packets.
- SYN attack: sending TCP SYN data with a fake address.
- Teardrop attack: sending IP packets with a confusing offset value.
- Smurf attack: sending a large volume of ICMP packets with the address of another host.
- ICMP Flooding.
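A defender's view of the SYN attack listed above, as an added example that is not part of the original article: it counts half-open (SYN_RECV) connections per local port in `netstat -ant`-style output and notes when they come from many one-off source addresses. The sample rows, the threshold of 50 and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in the column layout of Linux `netstat -ant` output.
SAMPLE = "\n".join(
    ["Proto Recv-Q Send-Q Local Address Foreign Address State",
     "tcp 0 0 192.0.2.10:443 203.0.113.5:51000 ESTABLISHED",
     "tcp 0 0 192.0.2.10:443 203.0.113.6:51001 SYN_RECV",
     "tcp 0 0 192.0.2.10:22 203.0.113.9:40000 ESTABLISHED"]
    # 60 half-open entries on port 80, each from a different source address
    + [f"tcp 0 0 192.0.2.10:80 198.51.100.{i}:{30000 + i} SYN_RECV"
       for i in range(1, 61)]
    # one ordinary client on port 80 with completed handshakes
    + ["tcp 0 0 192.0.2.10:80 203.0.113.7:4100%d ESTABLISHED" % i
       for i in range(3)]
)

def parse(text):
    """Yield (local_port, remote_ip, state) per TCP row; skip headers and junk."""
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("tcp"):
            continue
        local, remote, state = f[3], f[4], f[5]
        try:
            port = int(local.rsplit(":", 1)[1])
        except (IndexError, ValueError):
            continue
        yield port, remote.rsplit(":", 1)[0], state

def half_open_report(text, threshold=50):
    """Per local port: half-open count, distinct sources, and alert flags."""
    sources = defaultdict(list)
    for port, ip, state in parse(text):
        if state == "SYN_RECV":
            sources[port].append(ip)
    report = {}
    for port, ips in sources.items():
        distinct = len(set(ips))
        alert = len(ips) >= threshold
        report[port] = {
            "half_open": len(ips),
            "distinct_sources": distinct,
            "alert": alert,
            # Nearly one source per entry: fake addresses defeat per-IP limits,
            # so the total per port is the signal to watch.
            "spoofed_pattern": alert and distinct / len(ips) > 0.9,
        }
    return report

if __name__ == "__main__":
    for port, info in sorted(half_open_report(SAMPLE).items()):
        print(port, info)
```

On Linux, the `net.ipv4.tcp_syncookies` sysctl is the usual kernel-side mitigation for the backlog exhaustion this check detects.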
If you have had problems with your computer, be careful when visiting sites of unclear origin: what you click could be malware that records your data, or one of various other kinds of hacker attack. So keep your software diligently updated and check your computer regularly with antivirus. Hopefully this is useful.