Wednesday, 14 January 2015

DDOS Attack Basic Tutorial

What is DoS Attack ?
Denial of Service(DoS) Attack is a fatal attempt by an external agent to cause a situation where the actual resource(victim undergoing attack) becomes unavailable to the actual visitors or users. This is usually done by overwhelming the target victim with illegitimate traffic in the form of broken/unsolicited page access requests.

Distributed Denial of Service(DDoS) Attack is an advance form of DoS where the attacking agents are distributed over the huge network (or internet)

How DoS Attacks are executed ?
DoS Attacks are usually executed by flooding the target servers with unsolicited data packets in unprecedented manner. This may be done by misconfiguring network routers or by performing smurf attack on the victim servers. This results in, Capacity Overflow‟, followed by Max Out of system resources, which makes the target service unavailable, either temporarily or permanently(In case of hardware targeted DoS attack) to the intended users.
In case of DDoS attack, the origin of unsolicited data packets (for the purpose off looding the bandwidth/resource of the victim servers) are distributed over a large network(or internet).
The overall mechanism of DDoS Attack involves a huge quantity of compromised network nodes (computers connected to internet), governed by agent handlers, which are further controlled centrally by the actual attacker.

The massive number of compromised computers on the internet are then unknowingly governed by the source attacker to demand access to the targeted victim within a minimal time span, which further causes saturation of limited system resources and results in eventual shutdown of the targeted service.

The most common method employed to compromise massive amount of user agents on the internet (to actually execute DDoS Attack) is by plaguing as many computers as possible over the internet with malware/trojan, meant for that particular purpose. Such trojans can either spread via email attachments or via Peer-to-peer networks. Whatever be the method of spreading out, once the intended trojan is silently installed on the uninformed computer agent, that user agent has actually been compromised, which is then called as a Zombie or Botnet.

Further, it becomes a prerogative of the source attacker to indirectly command some or all its Zombie agents(or botnets) for demanding access to the target service.

What are other variants of DoS attacks ?
There are many other attacks of similar nature and purpose such as smurf attack, nuke bomb, ping of death, banana attack, phlashing among many others.

How are they counteracted ?
The best way to defend a web service from faltering due to DDoS attack is to keep backup resources of the system intact. As the aim of such attack is to max out system resources, if the system resources are already abundant and well prepared to face that sudden peak of traffic at any moment, most chances are that your web service will survive DoS (or even DDoS) attack.

What implications can DDoS Attacks have ?
If the attack is only limited to overwhelming and resource consuming traffic, the implications are limited to service unavailability for couple of hours (or few days in exceptional cases). This not only stresses the website administrators financially but also results in loss of market reputation and puts a question mark on the reliability of the web service.

In case of hardware targeted DoS Attacks, financial losses can magnify to great extent as hosting infrastructure has to be replaced on urgent basis. This can also lead to critical data loss, if backup procedures aren‟t up to the mark.With more and more DDoS attacks happening these days, companies and Internet properties are using various types of DDoS Mitigation strategies to avoid any worst case scenario.


No comments:

Post a Comment