What Does DDoS Mean? How Can I Protect Myself?

STaRDoGG

"DDoS" stands for "Distributed Denial of Service".

It's a method of sending so much data to one computer / IP Address, usually, but not always, a simple "ping", that it essentially gets flooded, can't handle it, and either gets completely knocked offline, or becomes so slow that for all practical purposes that computer, or even website, becomes unusable.

Back around the late 1990's when I was in the "cracking scene" it was just "DOS" (not distributed). In those ancient times your average user was on a dial-up modem (9600, 14.4K, 56K, etc.), not broadband like today, and you'd usually get a new IP address every time you logged off and then back on again (by dialing into your ISP each time). The speed of those modems was dog slow, and they couldn't handle much traffic, in fact, for anyone who wasn't there to witness them, to give you an idea of how slow they were, an average sized mp3 file that you can download today in around a minute or less, could take an hour or more to finally download, assuming all went well and there were no hiccups during the transfer and/or you didn't get bumped offline by an incoming phone call, so "distribution" while DOS'ing wasn't even needed, you could just use the plain ol' ping.exe in Windows or the Linux version of ping and set it to just keep on pinging until it flooded the modem and knocked the person offline.

And it happened A LOT, especially to us IRC'ers, surrounded by bored college and/or high school kids. Hell, who am I kidding, I used to do it sometimes too, it was both fun and funny sometimes.

Fast forward to today ...

... and broadband modems that can take so much incoming data that a single computer sending pings just won't do the trick. Enter the "Distributed" portion of the name. The idea behind the DDoS is the same, however, instead of a single computer flooding the target computer with data, many computers all send it at once, achieving the same end result. The one target computer cannot handle the constant flow of incoming data from so many computers at one time. Eventually it's unable to reply to pings, or respond at all, resulting in becoming unusable, and if any services, like a web server, or FTP server as just 2 examples, are running on that computer, they'll also be unusable. Anyone trying to connect to any websites running on that computer's web server won't be able to connect to it, it'll just time-out.

How does an attacker coordinate so many computers to attack a single IP/computer at once?

The usual way is by infected computers. For example, let's say you unknowingly run some non-photo attachment in one of your emails (never open attachments from anyone you don't know! And still, be cautious of attachments from those that you DO know because they might not even know it's infected), the attachment secretly installs software on your system that can allow someone you don't know (the attacker who wants to do a DDoS) to run certain commands, such as ping.exe, and often do anything that you can on your own computer, all without you even knowing it's happening. Your computer is now what they call a "zombie"; it's just sitting there, infected, waiting for the command to awaken and attack. Now imagine a person who has access to hundreds, even thousands of infected "zombies", sending the command for all of them to flood a single computer with pings, or some other data, and you can see how easily a computer can be crippled by the attack.

Most of the time this network of "zombies" (can also be called a "botnet") isn't controlled by a single person, but rather a group of people who have access to this "botnet". So more than one person can send DDoS commands whenever they want to, often via IRC.

How do I protect myself from becoming a DDoS Zombie?

The standard rules apply:

  • Always keep your computer up to date with its security patches, via Windows Update if you're on Windows, etc.
  • Don't assume that just because you're on a Mac that you're safe. Macs are equally susceptible to Malware as Windows computers, the only reason Windows users are more often infected is because the greater majority of computer users use Windows PCs instead of Macs. If you're a virus author and want to infect the most users which platform would you attack? The one with the most users: Windows.
  • Always have a quality anti-virus (such as AVG, BitDefender, NOD32) and anti-Malware (such as MalwareBytes, Ad Aware, SuperAntiSpyware) running on your system, and make sure to keep their auto-update features enabled so that you always have the latest definitions. New Malware / viruses / trojans and variants of them come out daily. Set up weekly whole-computer thorough scans.
  • Run a quality Firewall, such as Comodo Firewall set to "Safe Mode". This will alert you to any incoming internet connections, and programs on your computer that want to connect to the internet, with some information on it, and allow you to either allow the connection or block it. Many Antivirus / Antispyware / AntiMalware packages have a firewall built right into them, and they usually have "Internet Security" in their names. BitDefender, and Comodo both have these packages, amongst others.
  • Never run any email attachment from anyone that you don't know, and be sure to scan any attachments from people you do know before opening it, using one of the scanners mentioned above.
  • Use a quality web browser. Firefox, Chrome and Opera are 3 good ones. They have better protection against internet threats than say, Internet Explorer.
  • If you're ever shown any kind of dialog box with buttons on a web page that seems fishy, don't click any button on it, even if it's just an "OK" button. These can be manipulated to execute bad code no matter what button you click. If possible try to click the close (x) button instead, or better yet try to close its tab/page while the dialog box is still showing, CTRL+W is usually the keyboard shortcut to do so. Very handy shortcut to remember.
  • Be careful around "hotbeds" where these things tend to be most prevalent. Sharing websites and services are cesspools for them. Limewire, Torrents, and other similar types of file or music sharing sites / services.
  • Tread lightly around "shady" websites. If you have any unpatched browser exploit there are ways to install their nasty payload(s) just by visiting the page.
  • If you happen to do a Google search and see many similar websites all from the same search result (the phrasing in the titles and/or the sample text blurb), often times these are hacked sites or created sites deliberately designed to spam search results and they often have Malware on them that you can get just by visiting them. The Internet Security 2012 virus is one good example of those.

Even with all the precautions you can possibly take you still just may end up getting bitten once in a while simply because there are hundreds, possibly thousands of people out there working diligently day and night to find exploits in software and web browsers that will allow their payload to sneak onto your system, but with the above tips and just some awareness and caution you should be quite safe. Over the last 17 years I've only been infected 2-3 times and my internet travels have led me to the shadiest of places.

I Averaged: 4 | 1 vote
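For the defender's side of the DoS versus DDoS distinction described in the post above, here is an added example (not part of the original post) that scans ICMP echo traffic per destination with a sliding window and labels a flood as single-source or distributed. The log format, thresholds, function names and sample lines are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

def classify_floods(lines, window=1.0, rate_threshold=100, min_sources=5):
    """Flag destinations whose ICMP echo rate peaks above rate_threshold per window."""
    per_dst = defaultdict(list)
    for line in lines:
        # Constructed log format: "<epoch_seconds> <src_ip> <dst_ip> <proto>"
        ts, src, dst, proto = line.split()
        if proto == "icmp-echo":
            per_dst[dst].append((float(ts), src))
    verdicts = {}
    for dst, events in per_dst.items():
        events.sort()
        start, in_window = 0, Counter()
        peak, peak_sources = 0, {}
        for i, (ts, src) in enumerate(events):
            in_window[src] += 1
            # Evict packets that fell out of the sliding window.
            while events[start][0] <= ts - window:
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if i - start + 1 > peak:
                peak, peak_sources = i - start + 1, dict(in_window)
        if peak < rate_threshold:
            continue  # ordinary ping traffic
        # Distributed: many senders, none of which is loud enough on its own.
        distributed = (len(peak_sources) >= min_sources
                       and max(peak_sources.values()) < rate_threshold)
        verdicts[dst] = {"kind": "distributed" if distributed else "single-source",
                         "peak": peak, "sources": len(peak_sources)}
    return verdicts

def constructed_sample():
    """Constructed log lines (documentation IP ranges), not real traffic."""
    lines = ["1000.500 192.0.2.50 203.0.113.10 tcp"]  # non-ICMP, ignored
    for k in range(10):       # 20 hosts x 10 pings within one second
        for h in range(1, 21):
            lines.append(f"{1000 + k * 0.09:.3f} 198.51.100.{h} 203.0.113.10 icmp-echo")
    for k in range(150):      # one host, 150 pings within one second
        lines.append(f"{2000 + k * 0.005:.3f} 192.0.2.7 203.0.113.20 icmp-echo")
    for k in range(5):        # one ping per second: normal
        lines.append(f"{3000 + k:.3f} 192.0.2.9 203.0.113.30 icmp-echo")
    return lines

if __name__ == "__main__":
    for dst, verdict in classify_floods(constructed_sample()).items():
        print(dst, verdict)
```

The distributed case is the one a per-source rate limit misses: each of the 20 senders stays far below the threshold, and only the per-destination aggregate shows the flood.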
AdminX
Re: What Does DDoS Mean? How Can I Protect Myself?

Hello..

Nice Info you have there.. I hope I will learn something new from it.

Thank You

All contents ©Copyright GeekDrop 2009-2017