News Ticker

All About DDOS Attack-Worlds Number One Threat to IT World

By Ajay Verma - Friday 13 November 2015 No Comments
What is DDOS?
DDOS is known as Distributed Denial of Service. DDOS attack is an attempt to cause a web service unavailable or unusable by overwhelming it with traffic from multiple sources. In Name "Distributed" used because the number of machines from the world sends unlimited number of connections to a particular single domain or the website. Due to sudden and large ammount of load server goes down or temporary unavailable.
The Attackers target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.

How Does Actually Attack Happen?
Here I have mentioned some common detailed steps that how this attack is actually done.
Step 1: Scaning computers or network for the open vulnerability, open ports By using various port scanning tools.
Step 2: Prepare ip address list of vulnerable machine's to attack real target with the help of these vulnerable machine's.
Step 3: Gain access to the user system with the help of RATs, Backdoors, Root kits or a Trojan.
Step 4: Final attack, Attacker sends commands to their handlers or the vulnerable machines on which he has gained access. The attack can be in a manner of flooding.
For example if an attacker has command over 500 machines and if he sends instruction that each machines has to ping a particular websites 500 times then, simple calculation 500* 500 = 250000 hits goes to the server and it may go down.

DDoS attacks can be broadly divided into three types:
Volume Based Attacks
Includes UDP floods, ICMP floods, and other spoofed-packet floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps).
Protocol Attacks
Includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This type of attack consumes actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and is measured in Packets per second.
Application Layer Attacks
Includes Slowloris, Zero-day DDoS attacks, DDoS attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Comprised of seemingly legitimate and innocent requests, the goal of these attacks is to crash the web server, and the magnitude is measured in Requests per second.

Automatic Tool For DDOS:
LOIC (Low Orbit Ion Cannon): an "entry-level" DoS Attack Tool

History of DDoS Attacks:
First ever DDOS attack was faced by a famous search engine yahoo. Due to this attack yahoo got unavailable for 2 or 3 hours in worldwide. In a result of that yahoo had to face a big amount of loss in money in advertising revenue. E-Bay and CNN was also the victim of DDOS attack.
In September 2012, Riot Games sought legal action in the face of DDoS attacks that were “killing” League of Legends online matches.
In January 2013, the top Call of Duty: Black Ops 2 player on the Xbox 360, “Retrominano,” reset his stats in the face of incessant DDoS attacks, in order to cease being such an attractive target.
In April 2013, the Chinese DotA 2 league G-1 faced DDoS attacks during qualifying games for a tournament. Admins had to declare winners based on the state of the match at the time it was interrupted, and had to postpone other matches entirely.
In May 2013, early access for the massively multiplayer online game WildStar was disrupted by DDoS attacks. Developer Carbine was able to address the problem quickly such that players could get into the game.
In June 2013, the developer of EVE Online, CCP had to take down the entire Tranquility server cluster in the face of a DDoS attack. The attack affected both EVE Online and its associated first person shooter game, DUST 514.
In September 2013, over a million players on the Minecraft Survival Games network lost access owing to a DDoS attack.
In November 2013, developer DICE had to deploy emergency servers in the face of DDoS attacks against Battlefield 4.
In January 2014, a series of attacks as similarly-wide as last night’s activity was launched. Steam, Origin, Battle.net, and League of Legends servers were all targeted. The attacks were aimed at disrupting the online gaming activity of a single player.
In February 2014, League of Legends was hammered with another series of DDoS attacks, this time as part of a wider front of attacks launched against multiple including non-gaming sites.

No Comment to " All About DDOS Attack-Worlds Number One Threat to IT World "