DDOS Attacks and How to Avoid them on the Internet
DDOS is an Internet acronym for "Distributed Denial of Service"." DDOS attacks are not uncommon. However, modern computer hardware and software, along with the modular design of the Internet tend to neutralize the effects.
A DDOS attack serves no useful purpose beyond "taking down" a web site. Data are not stolen, servers are not compromised. Interestingly enough, a DDOS attack requires no special access to a web site; the entire attack is external to the web server computers. The most secure sites on the 'net are subject to DDOS attacks simply due to the external nature of the DDOS strategy.
How It Works
A web site is hosted on a computer called a web server. Very popular sites are hosted on multiple sites referred to as server farms. In either case, web surfers use programs like Internet Explorer, Opera, or FireFox to browse to the site. The process of browsing generates a series of requests and responses; the browser software generates requests for information, then waits for the web server computer to provide responses.
The DDOS attack strategy simply attempts to overwhelm the web server with requests from different parts of the Internet. Modern web servers have the smarts to deal with large volumes of requests, whether the requests originate through a DDOS or an unexpected surge in legitimate traffic. The worst case scenario, which is the ultimate goal of the DDOS intrusion, is a web server 'crash', thereby inconveniencing legitimate users and embarrassing the owners of the web site. A loss of income may also result if the web site is involved in commercial endeavors.
Architecture of a DDOS attack
As mentioned earlier, even an unexpected volume of legitimate browser requests can bog down a web server and result in a situation that closely resembles a DDOS attack. Smaller sites that suddenly receive national attention experience this scenario quite often. Computer users on many different segments of the Internet are requesting information from the suddenly overworked web server; it shuts down due to overwhelming levels of traffic.
A DDOS attack is malevolently intended to trigger a web server crash. It's no accident. Computers all over the world are synchronized to begin generating multiple requests at the same time. Many computers are required, but that's not enough to generate an effective attack. The computers must be distributed over multiple segments of the Internet. Imagine the streets in a large city. If one street becomes congested, it's simple enough to reroute traffic around that single street. If all (or nearly all) the streets are congested, paralyzing gridlock can result.
DDOS participating computers may be in your home or office. Many Internet viruses serve to compromise unsuspecting computers and configure them to be controlled remotely. Great armies of remote-controlled computers work together to generate DDOS attacks. A startling number of computers are connected to the Internet and under the influence of mysterious hackers elsewhere in the world. A slang term for such a computer is zombie.
Computer viruses (for the purpose of this article we will lump viruses, malware, and spyware together) have four primary purposes:
- send out SPAM,
- steal keystrokes and data,
- provide remote-control capabilities,
- and serve pop-up messages to the user.
A virus may perform one or more of these 'functions', or your computer may contract multiple viruses, each of which has a specialized purpose. A compromised computer may never be asked to participate in a DDOS attack, but the virus may lay dormant, lurking in the background. The 'best' DDOS viruses won't interfere with computer use. A modern computer puts a very small load on the CPU. Well-written viruses can happily execute in the idle periods and still accomplish its' intended utility.
A Real-World Model of a DDOS Attack
In the purest sense, a DDOS attack represents a computer science exercise. As we know, all computer science concepts can be witnessed in the real world by a trip to the Supermarket. Imagine a checkout line at a busy grocery store. Customers line up and patiently wait for their opportunity to present requests in the form of coupons, customer loyalty cards, and methods of payment. Our friendly cashier represents the web server computer. Requests are received and processed in a timely fashion. Everyone goes home happy. Consider a store infected with hundreds of zombie shopping carts. All of a sudden every cart in the store descends on the same checkout line. Refusing to wait in line, they encircle the hapless cashier and demand attention.The poor lady quickly realizes she cannot possibly handle so many simultaneous requests for service. She collapses in a quivering heap, then slinks off to take her break.
Beware Zombie Computers Used for DDOS Attacks
Some images may be courtesy of http://www.sxc.hu/