
DDOS attack questions

Joelbanks5

So I know what they are, but I'm confused as to how they are initiated.

 

Also so how do they specifically work? (Other than just sending a bunch of crap to whatever it is) 

 

how do you counter it if at all possible?

 

And who invented it?

Link to comment

I can tell you how you can counter it. With higher bandwidth :P

 

And I'm sure you can find most answers to your question here: https://en.wikipedia.org/wiki/Denial-of-service_attack

 

 

Intel i7 12700K | Gigabyte Z690 Gaming X DDR4 | Pure Loop 240mm | G.Skill 3200MHz 32GB CL14 | CM V850 G2 | RTX 3070 Phoenix | Lian Li O11 Air mini

Samsung EVO 960 M.2 250GB | Samsung EVO 860 PRO 512GB | 4x Be Quiet! Silent Wings 140mm fans

WD My Cloud 4TB

Link to comment

The earliest example of a DDoS attack that Sauter found in her research was implemented by the Strano Network, an Italian collective that launched an attack in 1995 to protest against the French government's nuclear policy. 

 

source: http://motherboard.vice.com/read/history-of-the-ddos-attack


Link to comment

What I managed to learn in 5 min on Google:

 

A DDoS hacker needs to infect a large number of computers. He can do that by exploiting vulnerabilities within the computer's operating system to install malicious software that provides him with remote access to the PC.

Then he sends a command to those infected PCs to send requests to some server. That server can't handle responding to all those requests, so it becomes unavailable and can even crash.

 

source: http://www.mirror.co.uk/news/technology-science/technology/what-ddos-attack-how-work-7098380


Link to comment

16 minutes ago, Joelbanks5 said:

So I know what they are, but I'm confused as to how they are initiated.

 

Also so how do they specifically work? (Other than just sending a bunch of crap to whatever it is) 

 

how do you counter it if at all possible?

 

And who invented it?

It's called a botnet. Essentially, thousands if not millions of computers act as "bots" and they send their requests to the destination.

You'll need a lot of bandwidth to handle such attacks, although DDoS attacks can vary. Speeds can vary from 1Gbps to 300Gbps.

 

CPU: AMD Ryzen 5 5600X | CPU Cooler: Stock AMD Cooler | Motherboard: Asus ROG STRIX B550-F GAMING (WI-FI) | RAM: Corsair Vengeance LPX 16 GB (2 x 8 GB) DDR4-3000 CL16 | GPU: Nvidia GTX 1060 6GB Zotac Mini | Case: K280 Case | PSU: Cooler Master B600 Power supply | SSD: 1TB  | HDDs: 1x 250GB & 1x 1TB WD Blue | Monitors: 24" Acer S240HLBID + 24" Samsung  | OS: Win 10 Pro

 

Audio: Behringer Q802USB Xenyx 8 Input Mixer |  U-PHORIA UMC204HD | Behringer XM8500 Dynamic Cardioid Vocal Microphone | Sound Blaster Audigy Fx PCI-E card.

 

Home Lab:  Lenovo ThinkCenter M82 ESXi 6.7 | Lenovo M93 Tiny Exchange 2019 | TP-LINK TL-SG1024D 24-Port Gigabit | Cisco ASA 5506 firewall  | Cisco Catalyst 3750 Gigabit Switch | Cisco 2960C-LL | HP MicroServer G8 NAS | Custom built SCCM Server.

 

 

Link to comment

On 10/27/2016 at 1:49 PM, Simon771 said:

I can tell you how you can counter it. With higher bandwidth :P

Yeah, that won't help you. Even if you're on fiber, if properly executed, the only help is your ISP's anti-DDoS protection, if they will provide it to you, that is. That's assuming you don't have teams of engineers and special equipment at home. :P

The ability to google properly is a skill of its own. 

Link to comment

There are only a couple ways to stop a DoS or DDoS attack (not all denial of service attacks are distributed, it could be one source computer), depending on the type. 

 

First, have more bandwidth on your connection than the attack. Without protection, you likely will not have enough bandwidth to stop an attack. Unless it's just some kid using LOIC from his home internet, and you have a faster plan than him.  But even that may not stop it, since you might need a firewall (as in a dedicated hardware firewall) that can also filter out bogus requests so your router/network isn't overloaded by the requests.

 

Second, pay for a service that has more bandwidth than the attack.  For a website, you would get a CDN (content delivery network) such as Cloudflare, Incapsula, or Akamai that has a huge specially designed network that will take on the load of the attack and still be able to deliver your site.  For home internet, you would probably need a VPN, so the attack wouldn't go to you.  But if they find out your actual IP they can hit you directly.

Link to comment

22 minutes ago, ThioJoe said:

There are only a couple ways to stop a DoS or DDoS attack (not all denial of service attacks are distributed, it could be one source computer), depending on the type. 

 

First, have more bandwidth on your connection than the attack. Without protection, you likely will not have enough bandwidth to stop an attack. Unless it's just some kid using LOIC from his home internet, and you have a faster plan than him.  But even that may not stop it, since you might need a firewall (as in a dedicated hardware firewall) that can also filter out bogus requests so your router/network isn't overloaded by the requests.

 

Second, pay for a service that has more bandwidth than the attack.  For a website, you would get a CDN (content delivery network) such as Cloudflare, Incapsula, or Akamai that has a huge specially designed network that will take on the load of the attack and still be able to deliver your site.  For home internet, you would probably need a VPN, so the attack wouldn't go to you.  But if they find out your actual IP they can hit you directly.

So there are different forms of DDOS attacks?

Link to comment

4 hours ago, Abdul201588 said:

It's called a botnet. Essentially, thousands if not millions of computers act as "bots" and they send their requests to the destination.

You'll need a lot of bandwidth to handle such attacks, although DDoS attacks can vary. Speeds can vary from 1Gbps to 300Gbps.

Actually, I believe most of the devices in this botnet were security cameras. When devices like phones, printers and cameras are designed, security isn't on the high end of the to-do list.

I have seen "hacks" that are code hidden in a document; when printed, it rewrites the firmware, and then the attacker uses it to find all the phones on the network and disable the off button when the handset is down, allowing them to hear everything.

I have seen one that uses the circuits in a phone to send out small radio waves that can be used to send data out of the building.

                     ¸„»°'´¸„»°'´ Vorticalbox `'°«„¸`'°«„¸
`'°«„¸¸„»°'´¸„»°'´`'°«„¸Scientia Potentia est  ¸„»°'´`'°«„¸`'°«„¸¸„»°'´

Link to comment

3 hours ago, Joelbanks5 said:

So there are different forms of DDOS attacks?

What he is saying is you get a DoS and a DDoS. DoS is Denial of Service, which comes from a single source, i.e. one person attacks another. DDoS is Distributed Denial of Service, which comes from multiple sources (hence the distributed), i.e. many computers used to attack a target. By combining the effective bandwidth of many different sources, it makes it more likely to harm the target.

 

Think of this scenario:

 Attacker 1 has a 100Mb/s connection. The victim has 150Mb/s. With a DoS (single source), Attacker 1 cannot totally bring down the victim, they simply don't have enough bandwidth.

 

So, attacker 1 finds some friends. Attacker 1 has 100Mb/s, attacker 2 has 40Mb/s, attacker 3 has 15MB/s and attacker 4 has 50MB/s. If they all flood the victim at the same time (DDoS) with their full bandwidth, they now have effectively 205Mb/s of bandwidth. The victim has 150Mb/s and therefore does not have enough bandwidth to answer all the requests coming from the attackers.

 

 

 

System/Server Administrator - Networking - Storage - Virtualization - Scripting - Applications

Link to comment
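The two posts above (a firewall that filters bogus requests, and single-source DoS versus distributed DDoS) can be seen together in a small simulation, added here as an illustration and not written by anyone in the thread: a per-source token-bucket filter drops almost all of a single-source flood, but lets a distributed flood through because every individual source stays under the limit. The limiter settings, addresses, request rates and server capacity are all constructed values.

```python
from collections import defaultdict

class PerSourceLimiter:
    """Token bucket per source address: refills at `rate` tokens/s, holds at most `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens = defaultdict(lambda: float(burst))  # new sources start with a full bucket
        self.last_seen = {}

    def allow(self, src, now):
        elapsed = now - self.last_seen.get(src, now)
        self.last_seen[src] = now
        self.tokens[src] = min(self.burst, self.tokens[src] + elapsed * self.rate)
        if self.tokens[src] >= 1:
            self.tokens[src] -= 1
            return True
        return False

def simulate(sources, per_source_rps, seconds, server_capacity_rps, rate=10, burst=10):
    """Replay constructed traffic through the filter and report what reaches the server."""
    limiter = PerSourceLimiter(rate, burst)
    passed = dropped = peak = 0
    for sec in range(seconds):
        passed_this_second = 0
        for i in range(per_source_rps):
            now = sec + i / per_source_rps
            for src in sources:
                if limiter.allow(src, now):
                    passed_this_second += 1
                else:
                    dropped += 1
        passed += passed_this_second
        peak = max(peak, passed_this_second)
    return {"passed": passed, "dropped": dropped, "peak_rps": peak,
            "overloaded": peak > server_capacity_rps}

# Constructed inputs (documentation address ranges, made-up rates).
SINGLE = ["198.51.100.7"]                           # one source, 500 req/s
MANY = [f"203.0.113.{n}" for n in range(1, 101)]    # 100 sources, 5 req/s each

def run_scenarios():
    dos = simulate(SINGLE, per_source_rps=500, seconds=3, server_capacity_rps=200)
    ddos = simulate(MANY, per_source_rps=5, seconds=3, server_capacity_rps=200)
    return dos, ddos

if __name__ == "__main__":
    for name, result in zip(("single source", "distributed"), run_scenarios()):
        print(name, result)
```

Both scenarios offer the same 500 requests per second in total; only the distributed one overloads the 200 req/s server, which is why the thread points to upstream capacity (ISP or CDN) rather than local filtering alone.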

4 hours ago, Eniqmatic said:

What he is saying is you get a DoS and a DDoS. DoS is Denial of Service, which comes from a single source, i.e. one person attacks another. DDoS is Distributed Denial of Service, which comes from multiple sources (hence the distributed), i.e. many computers used to attack a target. By combining the effective bandwidth of many different sources, it makes it more likely to harm the target.

 

Think of this scenario:

 Attacker 1 has a 100Mb/s connection. The victim has 150Mb/s. With a DoS (single source), Attacker 1 cannot totally bring down the victim, they simply don't have enough bandwidth.

 

So, attacker 1 finds some friends. Attacker 1 has 100Mb/s, attacker 2 has 40Mb/s, attacker 3 has 15MB/s and attacker 4 has 50MB/s. If they all flood the victim at the same time (DDoS) with their full bandwidth, they now have effectively 205Mb/s of bandwidth. The victim has 150Mb/s and therefore does not have enough bandwidth to answer all the requests coming from the attackers.

 

 

 

So I get how that part of it works, but how does the attacker actually do it? Is it like crazy coding stuff or normal software he uses on his end or what?

 

I want to understand how it works, not really how it happens

Link to comment

7 hours ago, Joelbanks5 said:

So I get how that part of it works, but how does the attacker actually do it? Is it like crazy coding stuff or normal software he uses on his end or what?

 

I want to understand how it works, not really how it happens

There are a number of different techniques but the base principle is the same. Send large amounts of traffic to the victim. You can actually do a very basic form of this via command line, in fact when I was at school a good while ago now, our substitute IT teacher showed us how to do it in class.

 

But yes there is software out there that does it, but the theory and principle behind it is simple.


Link to comment