Author Topic: Thank you for your patience during the recent DDOS attack  (Read 1888 times)

0 Members and 1 Guest are viewing this topic.

september1950

  • Able Advisor
  • *
  • Offline Offline
  • Posts: 110
    • View Profile
Thank you for your patience during the recent DDOS attack
« on: July 22, 2007, 08:21:02 PM »
I see in the News section at the top of each page a thank you for our  patience during the recent DDOS attack

Just out of idle curiosity, what is a DDOS attack and what did it do?

Howard.



WayOutWest

  • Administrator
  • Master Motivator
  • *****
  • Offline Offline
  • Posts: 8636
    • A3PDNI0CMSQZ2N
    • View Profile
    • WayOutWestUSA.com - Landstrom's Black Hills Gold Jewelry
Re: Thank you for your patience during the recent DDOS attack
« Reply #1 on: July 22, 2007, 08:32:05 PM »
A DDOS attack is a distributed denial of service attack.  Essentially a bot owner (one that has gotten tons of computers across the world infected with trojans) tells all of the bots on all of the infected computers to start requesting massive amounts of data from a website (repeatedly downloading images that are on the site, etc).  The site in question gets overloaded and cant be used by real customers.

At least one of the websites hosted by the same host we use was attacked today, creating a huge bottleneck for all the other sites hosted by them.  So, even though we werent the subject of the attack, we were affected because of the bottleneck.  End result is that even though the server the site is on was able to create pages within .1 seconds, it was taking a very long time for the pages to be sent to visitors.


biggfredd

  • Founding Member
  • Master Motivator
  • *****
  • Offline Offline
  • Posts: 15092
  • Love this chatroom!
    • View Profile
    • Garrett Metal Detectors
Re: Thank you for your patience during the recent DDOS attack
« Reply #2 on: July 22, 2007, 08:44:27 PM »
DOS - Denial of Service.  The computer equivalent of dialing a number, asking for John, and    hanging up when he answers.  A computer dials a server, says "are you there?", the server replies "sure, what do you want?" and waits for a response which is never sent.  Do that hundreds of times and the waits tie up the server, thereby denying service to legitimate traffic.  As with caller ID, figure out who is calling and just answer and immmediately hang up.

Which brings us to DDOS, or Distributed Denial of Service.  This variation has thousands or even millions of computers attacking a server, making it much harder to separate the DDOS contacts from legitimate traffic.

In both cases, the attacks are usually from unsuspecting users whose machines have been compromised by a hacker, usually by Trojans delivered through Outhouse Excuse or some other broken mail program. Those machines have programs on them called Bots, which are not under the control of the user, but rather the hacker.

Here's an analysis of a classic attack:
http://www.grc.com/dos/drdos.htm

Somewhere on that site was an explanation of how he tracked down the owner of the bots and basically popped up and said "Hi, I'm Batman".
Check out the Bigg Elf's Toy Stash -- http://toystash.ecrater.com

And our Garrett metal detectors -- http://metaldetectors.ecrater.com

september1950

  • Able Advisor
  • *
  • Offline Offline
  • Posts: 110
    • View Profile
Re: Thank you for your patience during the recent DDOS attack
« Reply #3 on: July 22, 2007, 09:42:39 PM »
Thank you both for the explanation.

I now know why curiosity killed the cat.

Howard.


WayOutWest

  • Administrator
  • Master Motivator
  • *****
  • Offline Offline
  • Posts: 8636
    • A3PDNI0CMSQZ2N
    • View Profile
    • WayOutWestUSA.com - Landstrom's Black Hills Gold Jewelry
Re: Thank you for your patience during the recent DDOS attack
« Reply #4 on: July 22, 2007, 09:52:56 PM »
the info in the GRC link is a bit to take on, but very informative. 

if it helps, a trojan is like a computer virus (it's not just a prophylactic :D) one of the main differences between a trojan and a virus is that a trojan lets someone take remote control of your computer without you knowing it.

Get thousands of computers infected with a trojan and you become a zombie-master or bot-master, able to make these computers do your bidding (whether it be to send copies of sensitive files to you from the compromised computers, use the compromised computers to hack into other computers, use them to send out copies of the trojan to other computers, use them to send out your SPAM, run a DDOS attack, pretty much whatever you want).

« Last Edit: July 22, 2007, 09:55:45 PM by wayoutwest »

  

Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf