- Internet & the Web»
- Viruses, Spyware & Internet Security
What Every Computer User Ought to Know About DDOS Attacks.
Hacking of computer systems remains a prevalent threat plaguing numerous business entities and high profile websites world over. With increased financial transactions online, the threat is real and rife. Often times, individuals, business entities and organizations have suffered great losses in form of lost information, lost sales and run down of computer servers. While computer systems hacking many take many forms, DDOS attack presents the greatest threats. It can lead to immense losses once unleashed on a target website. Worse still, it can collapse whole systems with minutes of unleashing. The fundamental question's: What is DDOS attack and how can you safeguard your computer systems? Read on for answers.
A brief overview of DDOS.
DDOS-an abbreviation of distributed denial-of-service-occurs when hackers infiltrate a high profile website or target servers with numerous communication requests within a short span. This essentially jams the server such that it's no longer capable to handle incoming HTTP requests. As a result, the network resource goes offline either temporary or for prolonged time. Either way, legitimate users have no access to the resources during the period of attack.
Forms of DDOS Attacks.
While DoS attacks may vary, the following are the prevalent and obviously present the biggest threat.
1) Smurf or Fraggle.
In this form of attack, spoofed source IP is usually broadcast to router’s broadcast address that is within the target network. Consequently, devices connected within the network respond by replying back to source IP address. While a smaller network may survive the resulting traffic, a large network with many devices will be flooded with traffic that jams thesystem thus slowing it to a point where it becomes unusable. Modern routers however, no longer forward any packets that are directed to their broadcast addresses. This has decimated smurf attacks.
2) DNS attacks.
This entails poisoning DNS server's cache for systems operating on Berkeley Internet Name Domain(BIND). When the cache has been poisoned, a legitimate user gets directed to a nonexistent website or to the attacker’s website. This makes affected web site it's power for online visitors.
3) SYN Flood.
SYN flooding essentially prevents and subsequently starves attacked servers the important resources. Attackers repeatedly spoofed source addresses with an aim to getting return addresses. However, the spoofed addresses either exist on different network or doesn't exist. The efficiency of victim servers slows down as they wait for response from the anonymous sources. The server eventually times out and is unable to sustain a connection.
Symptoms that your computer system is under attack.
Distributed denial-of-service continue to evolve in bandwidth, frequency and sophistication. According to SANS 2014 DDoS survey findings; there has been a 39 percent surge in DDoS attacks in 2014. Interestingly, high profile servers are no longer the only targets for the attacks. Small scale computer systems have also become a prime target. Below are common indicators of DoS attacks;
Under attack, a usually high performing network becomes uncharacteristically slow and even frustrating. Simple tasks such as opening small files and accessing websites takes longer and becomes unreliable.
Disconnection of Wired or wireless internet connection.
The first indicators of an attack come in form of frequent disconnection of internet connection, whether wired or wireless. This disrupts file sharing, communication and internet surfing.
Inaccessibility of internet services.
As the attack progress, accessing internet resources such as websites and other data mines becomes inaccessible. Accessing specific websites proves a daunting task as is surfing the internet.
A marked increase in spam emails.
Have you noted a rise in spam emails flooding your mail box? Your computer system is probably under denial of service attack. The principal aim for this is to cause an overflow of the mailbox which ultimately overwhelms the server which hosts the email address. Such an attack is commonly called an e-mail bomb for its potent to jam host server.
Unavailability of specific web sites.
In instances where attacks are concealed or in small scale, inability to access specific websites is commonplace. This emanates from unsolicited resetting of networks' TCP sessions. Such websites can, however, be accessed with ease on other networks.
5 Key strategies of preventing the attacks.
There's no denying that distributed denial of service attacks poses an overwhelming threat for small scale and large networks in equal measure. Even then, 26 percent of internet users lack the prerequisite knowledge of protecting their computer systems against attacks according to SANS 2014 DDoS surveys. Below are 5 key strategies for keeping DDoS attacks.
Firewalls can be formatted filter and analyze any incoming Protocols, IP addresses or ports. It can then allow or deny traffic depending on the analysis. This helps prevent simple attacks originating from a smaller number of anonymous IP addresses.
Application front end hardware.
This entails incorporating intelligent hardware in the network. The hardware complements routers and switches by analyzing in detail incoming traffic just before it enters the network system. The probability of infiltrating the network with unsolicited network is lowered significantly or eliminated in entirety.
Pro-active monitoring of systems.
Network administrators should proactively monitor and test the network resources while eliminating vulnerabilities that can act as the window of launching attacks. Network security logs must be monitored closely and effectively so as to unearth any suspect occurrences.
Using updated anti virus.
A virus may used to search foe vulnerabilities that be used to a launch attacks. An anti virus is vital for safeguarding a network from web attacks, email intrusions and viruses. Anti viruses raises alerts on unusual or malicious activities that can be detrimental to a network.
IPS fronts an ideal opportunity to detect and subsequently block denial-of-service attacks for they have the ability to process and analyze traffic patterns in a network. They may be automated to act as circuit breakers preventing the onset of attacks.
DDoS attacks has the capability to interfere with or even halt operations of web servers leading to a major upset in form of lost sales, maintenance costs and even credibility. Business owners and organizations must therefore invest in systems that unearths and eliminates weak points.