- The most popular is bandwidth overprovision, when a company purchases additional bandwidth from the Internet Service Provider (ISP) to absorb the harmful traffic in case of a DDoS attack.
- The second strategy is to build the DDoS protection infrastructure on the border of the Internet and company network to filter the harmful traffic by using the DDoS-aware Intrusion Detection System (IDS) and firewalls.
- The third strategy is the use of hosted DDoS mitigation services offered by ISPs or by companies specializing in these services.
Wednesday, April 13, 2011
DDos ATtack Protection and Prevention
Security is a topic I’ve yet to cover here at darkshadow-hacker.blogspot.com, but is a topic that will be the focus of many future articles. If you are involved in the darkshadow-hacker group, it is especially important to be aware of the security of the programs you are investing into and to take measures to keep your personal information secure.
The first thing I want to talk about is DDoS Protection. I’m sure you’ve seen programs claim they have DDoS Protection and I’ll mentione it in my next article,. DDoS Protection is a security measure put in place by a program’s host, or at times a third-party company to protect the website against distributed denial-of-service or DDoS attacks.
A DDoS attack is an intentional attempt to make a targeted website unavailable to visitors. The purpose is to halt the targeted website’s operation and services, and shutdown the system entirely. This is accomplished by sending dramatically increased traffic to the targeted website, slowing the server to a point where it refuses new connections until the server crashes causing the website to go down.
DDoS attacks are accomplished by infecting unprotected computers on the internet with malware or trojan viruses. After these “zombie” computers are infected the malicious programs usually sit idle on the host computer until triggered by the master computer run by the person performing the DDoS attack. At the time of the attack the “zombie” computers with malicious programs all send communication requests to the target of the DDoS attack until the target’s host server crashes. Often there are thousands of infected “zombie” computers across the world that simultaneously attack targeted computers, resulting in slowed response time, overload and eventual crashing of the target’s server. Below is a simple graphic showing a visual representation of an attack.
You may be asking how you can prevent DDoS attacks from happening. The first thing you can do is make sure that your computer is not a “zombie.” While protecting your personal computer ultimately does little to prevent DDoS attacks, if everyone would protect their computer this sort of attack would be impossible. Small steps can make a huge difference over time. Plus, who knows what other nasty features the malicious software on your computer could have that could put your personal information at risk. Always have an active, updated antivirus program running on your computer and do frequent scans for spyware, malware and viruses. Below are several free anti-virus and spyware programs I recommend for protecting your computer, I will go into further detail on Personal Protection soon in a future walkthrough article.
I recommend running either AVG Anti-Virus or Microsoft Security Essentials along with Ad-Aware and Spybot S&D on your computer. Utilizing multiple antivirus and spyware removal programs will reduce the chance of having your computer compromised and some of the programs pick-up items left behind by the others. However, if you have a website, or are a HYIP admin looking for hosting for your program, it is essential to take further steps. One of the red flags in my reviews for HYIP programs is whether or not the admin has taken the time to acquire and set-up adequate security for their program.
In their Stopping DDoS Attacks whitepaper, Black Lotus Communications explains the three main strategies to protect a website from DDoS attacks:
The first strategy, bandwidth overprovision, is not enough to fully protect a website from a DDoS attack,. In this first strategy, the site will purchase additional bandwidth to absorb the DDoS attack’s traffic and perform normally. While this can work against small DDoS attacks, anything significant will shut down the site with little trouble.
The second strategy is not commonly used, but is the third-party solution where a filtering system is put into place to detect DDoS attacks and filter them to keep up the site. As these solutions can be extremely expensive and work best when used in addition to DDoS mitigation services,
The third solution, DDoS mitigation, is where the host of a site receives and analyzes all communication sent to a website and if it is determined to be a DDoS attack, the traffic is displaced and dropped, causing the targeted server never to receive the extreme amounts of traffic, resulting in zero or very little lost website functionality. This sort of protection is extremely expensive to set-up individually; however, web host companies such as Black Lotus Communications already have the infrastructure in place, allowing subscribers to benefit from DDoS protection while under their services. This is the most common solution
That concludes my walkthrough on DDoS attacks, prevention and protection. I hope my explanation answers all your questions and hope you’ve learned some techniques , if you have any questions please let me know.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment