{"id":2221,"date":"2014-05-16T10:24:37","date_gmt":"2014-05-16T15:24:37","guid":{"rendered":"http:\/\/www.poweradmin.com\/blog\/?p=2221"},"modified":"2015-04-24T16:22:30","modified_gmt":"2015-04-24T21:22:30","slug":"understanding-a-ddos-attack","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/understanding-a-ddos-attack\/","title":{"rendered":"Understanding a DDoS Attack"},"content":{"rendered":"

\"UnderstandingNew research<\/a> released this month has shown that DDoS attacks are on the rise in the UK and USA. DDoS attacks, otherwise known as Distributed Denial of Service attacks<\/a>,<\/span> are when someone or something tries to make an online service unavailable by bombarding it with huge streams of traffic from different sources. They can<\/span> target all kinds of web-based services, including banks, new websites and popular social networks. They are often used to prevent people or websites from <\/span>publishing\/providing access to information.<\/span><\/p>\n

A third of all website downtime<\/a> incidents are estimated to be the result <\/span>of DDoS Attacks<\/span><\/p>\n

How Does a DDoS Attack Work?<\/strong><\/span><\/h2>\n

https:\/\/www.youtube.com\/watch?v=NogCN78XN2w<\/a><\/span><\/p>\n

People wishing to implement a DDoS attack on a website or service have a couple of options. They can either buy a DDoS attack<\/a> for as <\/span>little as $30, or, if they\u2019re more technically savvy, they can put one together themselves.<\/span><\/p>\n

A DDoS attack requires a lot of computing power. Most attackers don\u2019t have those computers to hand, so instead they build \u2018botnets\u2019. These are networks of<\/span> computers that have been infected with malware which takes control and barrages the target with requests. DDoS attacks are particularly damaging to small <\/span>websites, such as those used by SMEs and independents. They often don\u2019t have the necessary infrastructure to handle the attack of even a small botnet.<\/span><\/p>\n

There are a variety of ways that botnets can attack a site. They can send multiple connection requests per second, bombarding a site with enough data to <\/span>exhaust its data allowance, or attempting huge amounts of login requests to overload a site\u2019s capabilities.<\/span><\/p>\n

There\u2019s a fantastic resource from Digital Attack Map<\/a> that shows a live feed of<\/span> all the DDoS attacks happening across the globe currently, as well as all the DDoS attacks that have happened in the last year. As you can see, there\u2019s no<\/span> shortage of them all year round. The huge spikes of DDoS attacks like those seen in Aug 2013 are the kinds of attacks that can bring down government sites, <\/span>or exhaust smaller countries entire bandwidth allowance.<\/span><\/p>\n

Types of DDoS Attack<\/strong><\/span><\/h2>\n

TCP Connection Attacks<\/span>
\n \u2013 These occupy an infrastructure\u2019s available connections so that others can\u2019t use them. It\u2019s a fairly precise strike, and can take down targets capable of<\/span> handling millions of connections.<\/span><\/p>\n

Volumetric Attacks<\/span>
\n \u2013 The crudest form of DDoS. A volumetric attack attempts to consume all of a service\u2019s bandwidth with a huge number of requests. These don\u2019t do any<\/span> long-lasting damage to a site, and are more about causing congestion and making it impossible to use.<\/span><\/p>\n

Fragmentation Attacks<\/span>
\n \u00ad \u2013 A flood of fragmented data is sent to the target site, which then has to struggle to reassemble the data and make sense of it; this can severely reduce<\/span> the performance of a site.<\/span><\/p>\n

Application Attacks<\/span>
\n \u2013 The equivalent of a stealth-attack in DDoS terms. Application attacks can be conducted with a relatively small botnet. They generate a low rate of<\/span> traffic, but target and overwhelm a specific aspect of a site or application, such as a login or payment portal.<\/span><\/p>\n

DDoS objectives<\/strong><\/span><\/h2>\n

People can instigate DDoS attacks for a number of reasons. They could be seeking to extort a business, beginning a DDoS attack when it is important that a <\/span>website be fully functional and then demanding money for the cessation of the attack.<\/span><\/p>\n

Espionage is another regular reason for DDoS attacks, because of their volume and visibility they have been used as a smokescreen for other less obvious<\/span> attacks which then sneak by the distracted incident response team. There are also plenty of instances of DDoS being employed purely as nuisance. Hackers<\/span> and other malicious presences online launch DDoS attacks just because they can. These attacks are often short lived though, and more an annoyance than a <\/span>serious issue for businesses.<\/span><\/p>\n

Some DDoS attacks may also be launched as a protest, either for or against a certain cause or issue. In these instances a central authority provides<\/span> \u2018hacktivists\u2019 with a target and details on how to implement a DDoS strike. These kind of \u2018opt-in\u2019 DDoS attacks are becoming more popular with protestors, <\/span>and are capable of bringing down large websites run by governments and other organizations that are perceived as being in the wrong.<\/span><\/p>\n

How Do I Protect Myself From DDoS?<\/strong><\/span><\/h2>\n

\"FearThere aren\u2019t any sure-fire ways to protect yourself from a DDoS attack. But there are steps that you can take to make it much harder for your computer to<\/span> be harnessed as part of a botnet. Make sure to install and maintain a good antivirus software, as well as installing a firewall and monitoring software<\/a><\/span> that is configured to restrict the amount of traffic coming into and leaving your computer network or server. Furthermore, it pays to be cautious about <\/span>where you go on the internet and not to open any suspicious files that you find either on a website or in emails.<\/span><\/p>\n

The first thing is to make sure that you know the signs of a DDoS attack so you can best inform your clients and customers about exactly what is going on.<\/span> Signs of a DDoS attack include: an unusually slow network performance, inability to access websites, a big increase in the number of spam emails and <\/span>queries being submitted to your servers, and your own website going down. If all of these are true, then you are likely experiencing a DDoS attack.<\/span><\/p>\n

After you\u2019ve determined that your business is the target of an assault, your administrators should make it their priority to determine what the attack is<\/span> targeting. If it\u2019s not attacking your entire network then their first step should be to isolate the attacked part of your site from the rest. This will<\/span> ensure that, whilst one element of your site may be down, the rest of it should be able to operate without much disruption (as long as what\u2019s being <\/span>attacked isn\u2019t core to the entire system.)<\/span><\/p>\n

There\u2019s an excellent article by<\/span> Dark Reading<\/a><\/span> about the correct steps to take when countering a DDoS attack, and I recommend you read that as well if you want to develop a deeper understanding of how<\/span>
\n to respond to a DDoS Attack. Denial-of-service attacks are on the rise, most likely because there is no way to prevent them outright. Therefore, the best<\/span>
\n thing a business can do is prepare themselves with knowledge, so that they can best respond if they ever do find themselves under attack.<\/span><\/p>\n

Infographic<\/strong><\/span>:<\/span><\/span>
\n
\nhttp:\/\/www.prolexic.com\/images\/1000px-Q3-2013-Attack-Report-Infographic.jpg
\n<\/a><\/span><\/p>\n

\"Tweet<\/a><\/p>\n

\"Share<\/a><\/p>\n

Photo Credit: Kevin B 3<\/a> via Compfight<\/a> cc<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

New research released this month has shown that DDoS attacks are on the rise in the UK and USA. DDoS attacks, otherwise known as Distributed Denial of Service attacks, are when someone or something tries to make an online service unavailable by bombarding it with huge streams of traffic from different sources. They can target […]<\/p>\n","protected":false},"author":2,"featured_media":2226,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,13,9],"tags":[],"class_list":["post-2221","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general-it","category-pc-security","category-technical"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/2221","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=2221"}],"version-history":[{"count":5,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/2221\/revisions"}],"predecessor-version":[{"id":3510,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/2221\/revisions\/3510"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/2226"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=2221"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=2221"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=2221"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}