Freelancer job part time jobs

What is a DDoS attack?

by

To begin let’s see What is a DDoS attack? , Also known as “Attack of distributed denial of service” is a special type of DoS on a joint and coordinated between several teams .

These attacks achieve the goal to knock down the target machine depleting bandwidth or surpassing the processing capacity . To finish familiar with those terms to say that the machines responsible for carrying out the attack are known as “Zombie” and the total mix botnet.

Detect DDoS Attack

My knowledge on the subject are quite limited but what it is I am sure that many times some administrators confused with a DDoS attack any anomaly in the network or server , to make sure that this is a DDoS attack we have to have a lot of httpd processes, eximd, ftpd, etc., these are often the objectives common to these attacks’ to ‘and those who manage to generate enough cargo to the system to collapse for lack of resources . < >
If we have doubts on the subject and we do not have the necessary knowledge I strongly recommend reading this post, I will try to simplify the explanation to the fullest as a guide for those users who need a quick answer to the question

Am I suffering a DDoS attack ?


 As discussed above, we must

see how we have IP connections and service to people connecting

these connections within our server, in this way can take away the doubts on whether this is really a DDoS attack.

netstat-ntu | awk ‘(print $ 5)’ | cut-d:-f1 | sort | uniq-c | sort-nr

netstat-na | grep SYN_RECV | awk ‘(print $ 5)’ | cut-d. -f1-4 | cut-d:-f1
| Sort-n | uniq-c | sort-n 

 
 If we were before an attack and taking as an example the following data get a list like this:

IP Server: IP 192.168.0.3

Attacker: 192.168.0.5

tcp 0 0 192.168.0.3:80 192.168.0.5:60808 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60761 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60876 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60946 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60763 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60955 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60765 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60961 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60923 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:61336 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:61011 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60911 SYN_RECV
tcp 0 0 192.168.0.3:80 192.168.0.5:60758 SYN_RECV 

 Stop DDoS attack

Suppose that this is an attack and of course what we need now is to stop it … I strongly recommend it to go to sites that document the steps necessary to

stop a DDoS attack

:

Trying to stop a DDoS

  • Blocking an attack iframe

  • Distributed Denial of Service (DDoS) Attacks / tools

  • Preventing DDoS attacks

  • What should we do if we are under attack?

  • Protecting Web Servers from Distributed Denial of Service Attacks

Performance of “botnets” so graphic

As discussed above a botnet is a collection of robots

controlled by a user for unethical ‘to’ and who can control all the infected computers remotely (usually through the IRC).

Zombie botnet

The operator of the botnet sends viruses / worms / etc to users.

    The PCs come in the IRC or using other means of communication.

    2. The Spammer buys access to the operator of the botnet.

    3. The Spammer sends instructions via an IRC server or another channel for PCs infected …

    4. … causing them to send spam mail servers.

Ataques DDoS

Map illustrating DDoS attacks in the first quarter of 2007 .

Case “quienteadmite.com” real example of DDoS attack

This is a clear case of DDoS attacks that have suffered several sites in the blogosphere Hispanic in the last month, it all started when Engadget published this post

warning of possible fraud

, and the alleged fraudster becomes assumed guilty to tear down this website and some other as Error500 and Reddit, these last two pages had been limited only to echo the news.

After this history has been complicated ‘to’ and it is virtually impossible to summarize all that has been going on … I leave with you some links for those interested in history:

Fallen for freedom of expression

So it works quienteadmite

  • Thanks for “I am also genbeta.com”

  • DDoS attacks continue (to Reddit)

  • Galli tires of the niñatos

  • “I have closed ricardogalli.com insurance related to the topic of DDoS”

  • Interview with the alleged perpetrator of the attacks

    • To

  • understand all this a bit ‘to’ and for those who are not familiar with the authors and the origin of these sites on those comments, I will try to give you the

    • information needed to understand

: < >

Ricardo Galli : Creator of Reddit and Spanish activist of free software.
Quiviger

: One of the most popular blog on technology and which published the news that the attacks originated.

Meneame : Website based on community participation in which subscribers send stories to other users of the site vote.

Site quienteadmite.com : Site that offers services to find out who you blocked in the Messenger (Not advisable not utilicéis)

100% Bonus

Workplace Mobbing is crime
10 ideas how to accept criticism at work
How to beat all problems when you work from home as freelancer
What is a company today – business concepts where most large enterprises fall
10 Tips for a freelancer – tips for your own project or business

Languages

Recent articles