DDOS Worries

Posted by: Cken1774

DDOS Worries - 01/20/09 10:42 PM

I don't know if this is the right place to post this or if anyone can help but meh, here goes.

A lot of drama and backstory, but basically a small rivalry between a number of gaming communities and we have fairly substantial evidence that the largest of us has initiated a DDOS attack on one of the others. Is there anything we can do to defend against this? I'm fairly computer literate but that's a bit too technical for me.

Posted by: Digital Geek

Re: DDOS Worries - 01/22/09 08:37 AM

Hello,

There is little you can do against a proper DDoS except increasing the bandwidth of your server. Many common types of DDoS attacks, such as packet flooding attacks, will fill the pipes of your server until it is rendered unusable.

In case the ones behind the attack are not so smart and don't launch a proper DDoS, but instead use some scripts or tools they found online without fully understanding them (aka script kiddies), the chances are you might be able to do some damage control. You won't be able to stop the packets from arriving, but you can try to mitigate or diminish the impact. In other words, you can filter the incoming traffic.

DDoS attacks come in many shapes and colors but are generally based on:

- ICMP (Internet Control Message Protocol) Floods
- Smurf Attacks (which are also ICMP floods, but use the broadcast address)
- UDP (User Datagram Protocol) Flood
- TCP (Transmission Control Protocol) Flood
- TCP SYN Flood
- Spoofing (by falsifying the IP address and attacking)
- Application Attack (attacking a vulnerability in an application)
- Teardrop (IP fragmentation, again pretty much outdated now)
- Fraggle Attack (which is similar in nature to a Smurf Attack, except it uses UDP as opposed to TCP)
- Reflected Attacks and DNS Amplification Attacks

First thing you need to do is to make sure you have good equipment set in place, you have a good ISP (not one that at the first sign of trouble nullroutes your IP) and you start reading more on this subject and start learning how you can protect and secure your network/server.

If you want to learn more read the following:

- Help Defeat Distributed Denial of Service Attacks: Step-by-Step
- Distributed Denial of Service - Protecting Critical Systems
- Denial of Service Attacks - DDOS, SMURF, FRAGGLE, TRINOO

Good luck :)
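
Before choosing what to filter, it helps to know which of the flood categories listed in the reply above dominates the traffic. The following is an added example, not part of the original post: it triages constructed per-packet summaries by category and per-second rate. The record layout, the threshold and all addresses are assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample: one (second, source IP, protocol, TCP flags) tuple per
# packet, as might be summarised from a capture. Addresses are documentation ranges.
def build_sample():
    pkts = []
    for sec in range(3):
        # ordinary traffic: one handshake in progress and one ping
        pkts += [(sec, "198.51.100.7", "tcp", "S"), (sec, "198.51.100.7", "tcp", "A"),
                 (sec, "198.51.100.9", "icmp", "")]
        # constructed burst of bare SYNs from 200 different sources
        pkts += [(sec, f"203.0.113.{i}", "tcp", "S") for i in range(1, 201)]
    return pkts

def classify(pkt):
    """Map one packet summary to a flood category (ICMP, UDP, TCP, TCP SYN)."""
    _, _, proto, flags = pkt
    if proto == "tcp":
        return "tcp-syn" if flags == "S" else "tcp-other"
    return proto  # "icmp" or "udp"

def triage(pkts, pps_threshold=100):
    """Report categories whose peak packets-per-second exceeds pps_threshold
    (the threshold is an assumed value; tune it to the server's normal load)."""
    per_sec = defaultdict(Counter)   # category -> second -> packet count
    sources = defaultdict(Counter)   # category -> source IP -> packet count
    for pkt in pkts:
        cat = classify(pkt)
        per_sec[cat][pkt[0]] += 1
        sources[cat][pkt[1]] += 1
    report = {}
    for cat, secs in per_sec.items():
        peak = max(secs.values())
        if peak > pps_threshold:
            top_count = sources[cat].most_common(1)[0][1]
            report[cat] = {
                "peak_pps": peak,
                "sources": len(sources[cat]),
                # a tiny share for the busiest source means spoofed or widely
                # distributed senders: filter by protocol/rate, not by single IP
                "top_share": round(top_count / sum(secs.values()), 3),
            }
    return report

if __name__ == "__main__":
    for cat, info in triage(build_sample()).items():
        print(cat, info)
```
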