Denial-of-service attacks

--Originally published at Computer and Information Security

Have you ever felt that a webpage is loading too slowly compared to other times, noticed poor network performance while trying to retrieve a file from a cloud server, or needed an increasing amount of time to reach a specific service on the internet? Obviously, many factors can weaken network performance, but it is important to take into account that it could be a denial-of-service attack. It’s not that easy to spot the problem, but first, what is a denial-of-service attack?

We can define a DoS attack as a planned attack on a server in order to disrupt an organization’s network and complicate its users’ access to its services. The attack can limit access to the network or even deny it. The main point is to prevent any online activity through the servers that are being attacked.

There is also the Distributed Denial-of-Service attack, where the attacker also infects the computers that connect to the infected servers, and these new computers are then used to infect more users. These newly infected computers are known as zombies. Zombies are computers that are controlled by the attacker. With control of all of these computers, the attacker can use their power to overload services, such as mail, internet, and network services.

Also, there are three specific categories on which hackers focus their attacks:

  • Networks
  • Systems
  • Applications


Mainly, all of them create requests to overload the servers until there is no response or until they create an error on the system. One of the main goals is to consume as much bandwidth as possible in order to create slowdowns in networks. Hackers also focus on hardware, such as routers and devices that need network…

Los Dedos te atacan

--Originally published at tc2027 – Ce qui est chouette

This post will deal with DoS (Denial of Service) and DDoS (Distributed Denial of Service). Los Dedos te atacan comes from DDoS sounding like dedos (fingers in Spanish) when read from a Spanish perspective.

Hand by Hana Tichá on Flickr under a CC License.

DDoS and DoS attacks have the same goal: to render an online service—like an API, online gaming networks like Xbox Live or PlayStation Network, or your average webpage—unavailable for its legitimate users. This is usually done by flooding the victim’s server with requests or performing a particular request that triggers some action to bring the server down. In the end, both of these attacks take aim at the Availability part of the CIA Triad.

A traditional DoS attack consists of the same computer performing these requests, so you could imagine this type of attack would be easy to defend against. SPOILER ALERT: it is. Usually just a check for the same IP address making multiple requests in a short span of time does the trick. The real problem lies with DDoS, mainly because of the first D.

DDoS attacks are the steroid-pumped version of DoS attacks, as just mentioned, because of the Distributed part. A DDoS attack is based on the same idea, but instead of a single computer, the culprit of the attack is a network of computers of any type—hijacked personal computers, remote servers from all around the globe, or IoT things, like fridges or security cameras. The fact that this network could be distributed, in the geographical sense, means that identifying the attacking computers is harder and takes much more time.
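The per-IP check mentioned above, and why it stops helping once the same load is distributed, shown as an added example (not code from the original post). The window, the threshold and the sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10  # assumed look-back window
MAX_PER_IP = 20      # assumed per-source request budget per window


def flag_noisy_sources(events, window=WINDOW_SECONDS, limit=MAX_PER_IP):
    """Return source IPs that exceed `limit` requests in any sliding window.
    `events` is a list of (timestamp_seconds, ip) sorted by timestamp."""
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    flagged = set()
    for ts, ip in events:
        q = recent[ip]
        q.append(ts)
        while q and q[0] <= ts - window:  # drop requests older than the window
            q.popleft()
        if len(q) > limit:
            flagged.add(ip)
    return flagged


def peak_total_rate(events, window=WINDOW_SECONDS):
    """Largest number of requests, all sources combined, in any window."""
    q, peak = deque(), 0
    for ts, _ip in events:
        q.append(ts)
        while q and q[0] <= ts - window:
            q.popleft()
        peak = max(peak, len(q))
    return peak


# Constructed sample traffic using documentation addresses (RFC 5737).
# DoS shape: one source sends 300 requests in 10 s, next to a normal client.
single_source = sorted(
    [(i / 30, "198.51.100.7") for i in range(300)]
    + [(float(i), "192.0.2.10") for i in range(10)]
)
# DDoS shape: the same 300 requests in 10 s, spread over 100 sources (3 each).
distributed = sorted(
    (i / 30, f"203.0.113.{i % 100 + 1}") for i in range(300)
)

if __name__ == "__main__":
    print("single source flagged:", flag_noisy_sources(single_source))
    print("distributed flagged:  ", flag_noisy_sources(distributed))
    print("distributed peak rate:", peak_total_rate(distributed))
```

The single flooding address is flagged, while the distributed run stays under the per-IP budget for every source even though the server sees the same total load, which only the aggregate rate reveals.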

Types of DoS

Now on to the details. These are the classes of DoS attacks:

TCP.

This type of attack attempts to block all the available connections to the infrastructure…