Denial of Service Attack DoS | Part 1

What Is A Denial of Service Attack DoS?

A denial of service (DoS) attack is designed to make a service unavailable, preventing its legitimate users from using it. It can take the form of:

  1. Flooding of a network to prevent its operation
  2. Disruption of connections between two machines, preventing access to a particular service
  3. Obstruction of access to a service to a particular person

A denial of service attack can thus block a file server, make a web server impossible to reach, prevent the distribution of mail in a business, or make a website unavailable.

The attacker does not necessarily need sophisticated equipment. Some DoS attacks can be executed with limited resources against a much larger and more modern target. Such attacks are sometimes called “asymmetric attacks” (because of the difference in resources between the parties). An attacker with an outdated computer and a slow modem may well knock out much larger machines or networks. Denial of service attacks have changed over time.

First, the early attacks were perpetrated by a single “attacker”; more sophisticated attacks quickly appeared, involving a multitude of “soldiers”, also known as “zombies.” This is called a DDoS (distributed denial of service) attack. Second, DoS and DDoS attacks used to be perpetrated by hackers attracted only by the achievement and the reputation. Today the perpetrators are mostly criminal organizations, primarily motivated by money.

Thus, some hackers have specialized in “raising” armies of “zombies”, which they can then rent to other hackers to attack a particular target. With the sharp increase in trade over the Internet, the number of denial of service blackmail cases has increased dramatically (an attacker launches a DoS or DDoS attack against a company and asks for a ransom to stop the attack).

Denial of service attacks emerged in the 80s. DDoS (distributed DoS) attacks are much more recent (first appearance in late June 1999). The first official DDoS attack took place in August 1999: a tool called “Trinoo DDO” was deployed on at least 227 systems, of which 114 were on the Internet, to flood the servers at the University of Minnesota. Following this attack, the university's Internet access remained blocked for more than two days.

The first DDoS attack publicized in the mainstream press took place in February 2000. On February 7, Yahoo! was the victim of a DDoS attack that made its Internet portal inaccessible for three hours. On February 8, Amazon.com, Buy.com, CNN and eBay were hit by DDoS attacks that caused either a halt or a sharp slowdown in their operation. On February 9, E*Trade and ZDNet were in turn victims of DDoS attacks.

Analysts estimate that during its three hours of inaccessibility, Yahoo! suffered a loss of e-commerce and advertising revenue totaling approximately $500,000. According to Amazon.com, the attack caused it a loss of $600,000 in 10 hours.

During the attacks, eBay.com went from 100% availability to 9.4%; CNN.com fell below 5% of normal; ZDNet.com and ETrade.com were, for their part, almost inaccessible. Schwab.com, the online site of the broker Charles Schwab, was also affected but declined to give exact figures on its losses. One can only assume that for a company that does 2 billion dollars a week in online business, the loss was not negligible.

In September 2001, the Code Red virus infected thousands of systems, and a second version, called Code Red II, installed a DDoS agent. Rumors say it was an attack against the White House. Amid a political crisis, the U.S. government announced that security measures would be undertaken. But from summer 2002, it was the turn of the Internet itself to undergo a DDoS attack, against the 13 root servers.

These servers are the key points of the Internet's referral system, called the Domain Name System (DNS). This attack lasted only an hour but could have crippled the entire Internet. The incident was taken seriously by experts, who said they would strengthen the security of their machines in the future.

The first version of Slapper, which appeared in mid-September 2002, infected more than 13,000 Linux servers in two weeks. Slapper exploits a security hole in the OpenSSL module and carries a DDoS agent. It was detected and stopped in time.

Nevertheless, on Monday, October 21, 2002, a new DoS attack blocked 9 of the 13 key servers, making their resources inaccessible for three hours. Some of the businesses and organizations that run these key servers responded and decided to review their security arrangements. The FBI opened an investigation, but locating whoever was behind the attack would be difficult.

Shortly afterwards, misconfigured MySQL database servers from Microsoft Corporation were infected by the SQL Slammer worm. The worm carried an agent that launched a DDoS attack against the Internet on January 25, 2003. This time, only 4 of the 13 root servers responsible for routing the Internet were affected. Despite the virulence of the attack, overall network performance was reduced by barely 15%.

Continued…
