Tech and Web NEWS
Russia Hackers Denial-of-Service Attack DoS topples Twitter, Facebook and google- was Georgian Cyxymu effect a political or extortion scam?
By Amarendra Bhushan for CEOWORLD Magazine Updated:August 7, 2009
Get CEOWORLD Magazine digital monthly version. special- Top Capital Cities for a business Traveler, # Interview with Minister of Tourism of Greece. 1 Issues Subscription= $1 Only, 10 Issues Subscription= $5 Only. Grab your copy now!!!!
Google and Facebook also face assault but suffer less damage
An attempt to damage just one individual – a controversial Georgian Cyxymu- an outspoken critic of last year’s conflict between Georgia and Russia in South Ossetia.
They started with a flurry of spam e-mail sent out Thursday morning that contained links to pages written by a single activist on multiple social networking sites, said Bill Woodcock, research director of the San Francisco-based Packet Clearing House, a nonprofit that tracks Internet traffic.
When people clicked on the links, they were taken to legitimate Web pages, but the traffic overwhelmed some servers and disrupted service.
Facebook, whose users encountered intermittent problems Thursday, also was the subject of a denial-of-service attack, though it was not known whether the same hackers were involved.
LiveJournal, a blogging site, was also hit while Google managed to fend off denial of service attacks.
Hackers often target heavily trafficked sites in an attempt to extort “protection money” from their owners or to make a name for themselves.
It could be for political reasons. Or it could be part of an extortion scam.
Facebook Inc. and Twitter Inc. were working together with Google Inc. to investigate what happened. They were targeted by so-called denial- of-service attacks, which are designed to make sites inaccessible by overwhelming them with a flood of traffic.
What is a denial-of-service (DoS) attack?
A “denial-of-service” attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service.
In a distributed denial-of-service, large numbers of compromised systems (sometimes called a botnet) attack a single target.
A denial of service attack can also destroy programming and files in affected computer systems. In some cases, DoS attacks have forced Web sites accessed by millions of people to temporarily cease operation.
- Attempts to “flood” a network, thereby preventing legitimate network traffic
- Attempts to disrupt connections between two machines, thereby preventing access to a service
- Attempts to prevent a particular individual from accessing a service
- Attempts to disrupt service to a specific system or person
Denial-of-service attacks can essentially disable your computer or your network. Depending on the nature of your enterprise, this can effectively disable your organization.
How do you avoid being part of the problem?
Unfortunately, there are no effective ways to prevent being the victim of a DoS or DDoS attack, but there are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers:
- Install and maintain anti-virus software.
- Install a firewall, and configure it to restrict traffic coming into and leaving your computer.
- Follow good security practices for distributing your email address. Applying email filters may help you manage unwanted traffic.
How do you know if an attack is happening?
- Unusually slow network performance (opening files or accessing web sites)
- Unavailability of a particular web site
- Inability to access any web site
- Dramatic increase in the amount of spam you receive in your account
Common forms of denial of service attacks are:
Buffer Overflow Attacks: The most common kind of DoS attack is simply to send more traffic to a network address than the programmers who planned its data buffers anticipated someone might send.
- Sending e-mail messages that have attachments with 256-character file names to Netscape and Microsoft mail programs
- Sending oversized Internet Control Message Protocol (ICMP) packets (this is also known as the Packet Internet or Inter-Network Groper (ping) of death)
- Sending to a user of the Pine e-mail progam a message with a “From” address larger than 256 characters
SYN Attack: When a session is initiated between the Transport Control Program (TCP) client and server in a network, a very small buffer space exists to handle the usually rapid “hand-shaking” exchange of messages that sets up the session.
Smurf Attack: The perpetrator sends an IP ping (or “echo my message back to me”) request to a receiving site The ping packet specifies that it be broadcast to a number of hosts within the receiving site’s local network.
Teardrop Attack: This type of denial of service attack exploits the way that the Internet Protocol (IP) requires a packet that is too large for the next router to handle be divided into fragments.
Viruses: Computer viruses, which replicate across a network in various ways, can be viewed as denial-of-service attacks where the victim is not usually specifically targetted but simply a host unlucky enough to get the virus.
Sphere: Related ContentLike this article! |
|
|
|
|
(No Ratings Yet)
Loading ...17672 views
Comments
Grab a copy of CEOWORLD Magazine for $1 only!!!
