One Article Review

The article:
Source AlienVault Blog
Identifier 500741
Publication date 2018-03-08 14:00:00 (seen: 2018-03-08 14:00:00)
Title Explain What DDoS Is
Text Your favorite website goes offline. That firewall in your office network isn’t filtering anything and is overwhelming the server machines that it is connected to. If an LDAP port is hit by a DDoS attack, you have no Active Directory securing the user accounts on your Windows client PCs. Maybe an IMAP server was hit, so now you have to actually phone your boss because she cannot communicate with you via email. You sit in your cubicle, unable to log into your PC because LDAP was DDoS attacked. Accessing your work email on your phone is a waste of time because your employer’s email server won’t work if it’s the DDoS target instead. And on top of all of that, the web forums on fly fishing you usually kill time with are offline because they were hit by a DDoS attack as well!

The network administrator steps out of the datacenter and announces to your office that the company’s firewalls and servers were hit by a DDoS attack. But there’s no need to worry, because she will bring everything back online within the next ten minutes.

What happened?

A DDoS attack, Explained

DDoS is an acronym for Distributed Denial of Service. A simple Denial of Service could be a technical accident where something such as a memory buffer overflows and the affected device is forced to shut down because of it; however, DDoS attacks are no accident. They are deliberate, malicious cyber-attacks.

The targeted network appliance or server denies usual service because it has been deliberately overwhelmed with data packets. Imagine five hundred people trying to run through a doorway at the same time. The service that the doorway usually provides by allowing people to go from one room to another will obviously no longer work. The doorway has a finite capacity, just like a firewall or a memory buffer in your server application.

DDoS attacks are conducted deliberately by cyber attackers. The most common way that DDoS attacks are conducted these days is by leveraging control of a botnet. A botnet is a network of “bots,” usually connected through the internet. The bots are usually PCs, mobile devices, and IoT devices which have malware on them that allows a cyber attacker to use their computing power through their command and control server. When the attacker finds a public IP address that they want to target, they will command their bots to send as many data packets to the IP as possible. All of those packets arriving at once will overwhelm whichever device and software the IP is connected to, and it will go out of service.

Occasionally these days, but more frequently in the 1990s, a web server’s website could go offline if too many people tried to download webpages from it at the same time. Big tech companies like Google and Amazon have massive datacenters around the world which consume more electricity than some countries. They can handle millions of people trying to use their web services at the same time. But if I install Apache on an old PC on my LAN and put a website on it, it won’t have anywhere near the same capacity. Hundreds of people trying to download a webpage at the same time might overwhelm my home router and my modest PC, and it will go offline. That’s the sort of denial of service that’s an innocent accident. But DDoS attacks are no accidents. They’re also distributed, which means that many different devices are working in unison to flood an IP with packets.

Explain Types of DDoS attacks

The OSI layer model describes seven layers which constitute a networked computing entity, usually through TCP/IP.
Sent Yes


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.