I can’t tell you who’s attacked first WikiLeaks and more recently MasterCard, PayPal, and Visa with Distributed Denial of service (DDoS) assaults , but I can tell you it wasn’t hard. It wasn’t even, as such things go, that bad. Just ask Google if you want to know what a real DDoS attack is like.
WikiLeaks was buried under attacks that threw up to 10 Gigabits per second (Gbps) at its servers. We don’t know exactly how hard MasterCard or Visa were hit, but at an educated guess, it was probably an order of magnitude worse. Few sites can handle that level of cyber-warfare.
What’s behind these attacks? People tend to think of DDoS as causing havoc by jamming network bandwidth with useless traffic. While that’s certainly one kind of DDoS attack, others work by devouring server resources. That means it’s possible for a successful DDoS raid to be made no matter how much bandwidth you have because it attacks your servers’ resources. To really protect a network against attacks, both your Internet connection and your servers need defenses.
Usually, DDoS attacks are aimed at your network’s TCP/IP infrastructure. These assaults come in three varieties: those that exploit weaknesses in a given TCP/IP stack implementation; those that target TCP/IP weaknesses; and the tried and true brute force attack.
These days, the last, method thanks to botnet armies of zombied Windows PCs that make it easy to do, are the most popular. Why be fancy when you can just bury your enemies’ sites under waves of bad data requests?
Indeed, these days you don’t need to be any kind of hacker these days to launch a DDoS attack. According to VeriSign, you can rent a botnet for $8.94 an hour from criminals.
Why pay money though when you can get people to launch DDoS strikes with a program a trained monkey could use? What seems to be happening to the commercial companies in this latest wave of DDoS attacks, according to SANS’ Internet Storm Center, is that people are using a Java port of Low Orbit Ion Cannon, an open-source DoS attack tool, to smack around MasterCard, Visa, etc. All the user has to do is push a button, and, ta-da, the attack begins.
Low Orbit Ion Cannon is a brute-force program. All it does is crank out multiple simultaneous requests for a Web page that’s unlikely to exist on the site. The only thing that’s “interesting’ about this attack is that it uses Twitter to co-ordinate its users’ attacks.
If do you want to know how DDoS attacks manage their assaults, here’s my 20,000 foot overview of DDoS techniques.
