Saturday, July 18, 2009

DoS and DDoS Attacks, Part 1

DoS attacks are on the rise nowadays. DoS stands for denial of service. In this type of attack, the target system is not actually 'hacked'. It is simply flooded with an overwhelming number of synchronization requests or something similar. Sometimes specially crafted data (packets) is sent to the target system. Either way, the target system crashes, hangs or reboots because it can't handle that many connections or can't handle badly constructed data. DoS attacks don't 'steal' or extract any private information. They just do damage, force systems to reboot and cause nuisance. There are solutions to these attacks, such as port blocking, protocol blocking, address blocking etc. They can be prevented because they are generated from only one machine. But what if the attack is generated from thousands of systems worldwide? This is one of the most dangerous emerging concepts, called 'DDoS' (Distributed Denial of Service).

Before we look at what DDoS is, I will give you an example of it. This is a story about a ghost. There was a ghost hunter who was giving a ghost trouble. One day the ghost managed to run away and started living in a tree. Some days passed. The ghost then started attracting people towards that tree. Once they came near the tree, the ghost would bite them, and from that moment they were psychologically affected and became slaves of that monster. In this way, thousands of people were affected by the ghost. Now they would listen only to what their master, the ghost, said. One day the ghost ordered them, "Go and kill that hunter at once!" Obeying the command, the whole flock marched towards the hunter. The surprised hunter tried to remove the ghost's effect from many of them. But there were thousands of them. The hunter did not succeed. He was killed by the people who were under the control of the ghost.

So, what does this story have to do with a DDoS attack? Can such things happen on the internet? Oh yes! They are happening! The ghost in this story is the actual main hacker. The hunter plays the role of legitimate websites such as government websites, websites of federal agencies or educational systems. And who are the slaves of the ghost? They can be any innocent PC users, anybody at all! So, how does this happen? The attacker, using one of various methods, distributes malicious programs to the mass community. Once these malicious programs, or malware, reach a PC, they infect it. Because of this infection, the infected PC starts obeying commands coming from the attacker. These infected machines are known as 'zombies' or 'bots'. Once the attacker has control over thousands of such machines situated worldwide, he commands all these zombies to launch a DoS attack on a particular web server. The infected machines obey and start flooding the target. So, what happens now? This would be preventable if the floods were coming from a few machines. The server could block them. But here, the flood is coming from thousands of systems worldwide. They can be from any country. How many such systems can the web server block? In the end, the same thing happens to the servers as happened to the hunter in the story. They have to be shut down. Many programs running on the server may crash, causing great loss. The case is even worse when the target is an e-commerce website, which suffers tremendous losses. The only outcome of such attacks is 'nuisance', with no 'benefit' for the attacker.
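
The contrast described above, worked through as an added example (not code from the original post): a per-address request counter blocks a single-source flood but leaves a distributed one untouched. The thresholds, addresses and traffic volumes are constructed assumptions.

```python
from collections import Counter

PER_SOURCE_LIMIT = 100  # assumed: max requests one address may send per window
SERVER_CAPACITY = 5000  # assumed: requests per window the server can handle


def analyze(window):
    """window: list of source addresses, one entry per request in one time window."""
    per_source = Counter(window)
    # Address blocking: drop every source that exceeds the per-address limit.
    blocked = {src for src, n in per_source.items() if n > PER_SOURCE_LIMIT}
    remaining = sum(n for src, n in per_source.items() if src not in blocked)
    # Share of traffic from the busiest address: high for DoS, tiny for DDoS.
    top_share = max(per_source.values(), default=0) / max(len(window), 1)
    if remaining > SERVER_CAPACITY:
        verdict = "overloaded"  # blocking did not bring load under capacity
    elif blocked:
        verdict = "mitigated"
    else:
        verdict = "normal"
    return {"sources": len(per_source), "blocked": blocked,
            "remaining": remaining, "top_share": top_share, "verdict": verdict}


# Constructed traffic, not real data.
LEGIT = [f"198.51.100.{i}" for i in range(200) for _ in range(5)]
# DoS: one machine sends 20,000 requests.
DOS = LEGIT + ["203.0.113.9"] * 20000
# DDoS: 4,000 zombies send 50 requests each, all under the per-address limit.
DDOS = LEGIT + [f"10.{i // 250}.{i % 250}.7" for i in range(4000) for _ in range(50)]

if __name__ == "__main__":
    for name, window in (("normal", LEGIT), ("DoS", DOS), ("DDoS", DDOS)):
        r = analyze(window)
        print(f"{name:6} sources={r['sources']:5} blocked={len(r['blocked'])} "
              f"remaining={r['remaining']:6} top_share={r['top_share']:.3f} "
              f"-> {r['verdict']}")
```

In the DDoS window no single address stands out, so the useful signals are the aggregate load and the sudden jump in the number of distinct sources rather than any one sender's rate.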
