Practical Technology

for practical people.

DDoS: How to take WikiLeaks, MasterCard or any other Web-site Down

I can’t tell you who’s attacked first WikiLeaks and more recently MasterCard, PayPal, and Visa with Distributed Denial of service (DDoS) assaults , but I can tell you it wasn’t hard. It wasn’t even, as such things go, that bad. Just ask Google if you want to know what a real DDoS attack is like.

WikiLeaks was buried under attacks that threw up to 10 Gigabits per second (Gbps) at its servers. We don’t know exactly how hard MasterCard or Visa were hit, but at an educated guess, it was probably an order of magnitude worse. Few sites can handle that level of cyber-warfare.

What’s behind these attacks? People tend to think of DDoS as causing havoc by jamming network bandwidth with useless traffic. While that’s certainly one kind of DDoS attack, others work by devouring server resources. That means it’s possible for a successful DDoS raid to be made no matter how much bandwidth you have because it attacks your servers’ resources. To really protect a network against attacks, both your Internet connection and your servers need defenses.

Usually, DDoS attacks are aimed at your network’s TCP/IP infrastructure. These assaults come in three varieties: those that exploit weaknesses in a given TCP/IP stack implementation; those that target TCP/IP weaknesses; and the tried and true brute force attack.

More >

Comments are closed.