March 23, 2011 report
Hope on the horizon for victims of DDoS attacks
(PhysOrg.com) -- Recently, Yuri Gushin and Alex Behar, security experts with Radware, an Israeli security firm, gave a presentation at the Black Hat conference in Barcelona, Spain, and as part of their program showed what theyve been working on to assist big website portals in fighting back against Distributed Denial of Service attacks (DDoS).
DDoS attacks are where one or more people use their own resources to cause as many computers as possible to try to access the services of a targeted website; flooding the server with requests to such an extent that legitimate visitors are unable to gain access and do business. These kinds of attacks can happen either because there are enough people involved in a coordinated attack, or because those involved gain access to multiple other computers which they then direct to attack the chosen site.
DDoS attacks are not a new phenomena, but they have grown increasingly more pervasive in recent years as organizations, such as the infamous Anonymous gang of hackers, band together to forge new alliances, thereby increasing their ability to disrupt services. Such groups have come to use botnets or software robots to help them carry out their efforts. Botnets are created by implanting small pieces of code in as many unsuspecting computers as possible, then when a certain command is given, all of those computers start to harass the target; a giant army of software robots doing nothing more than creating a bottleneck that clogs up the web servers ability to carry out its job. The end result is legitimate users receiving messages saying they cant access the site.
In another scenario, a web server can disrupt netbots by intentionally dropping a packet of data sent to them thus taking advantage of the Internet protocol that requires both sides in a conversation to reduce the amount of traffic they are sending, when an error occurs, which from the netbots perspective, appears as a time out; the netbot then tries to overcome the obstacle by repeating the original request; which causes the whole sequence to run again, and again. In this scenario the netbot winds up becoming very busy while the web server goes on as if nothing has happened. Eventually the netbot will be forced to give up, or its presence will become known to the host, who will likely kill it.
In spite of these new advances in the war against the hackers, security experts such as Yuri Gushin and Alex Behar are not resting; they know it is only a matter of time before a way around the new defenses are found and theyll have to find a new way to stop them.
© 2010 PhysOrg.com