This article introduces us to the Distributed Denial of Service (DDOS) attack, its types and some of the steps for mitigating such an attack. The most interesting mitigating step for me is the use of “honeypot”. Even though it is not used by many organizations, I would like to see its implementation on a greater scale in future. Apart from thwarting a DDOS attack by attracting hackers/hackers into attacking the false servers/networks, honeypots can also lead to the source of attacks, attack patterns as well as waste the resources of attackers.
Another point to note from the article was using cloud-based services for hosting websites. The main advantage is that cloud service providers have dedicated security infrastructure and trained professionals to deal with DDOS attacks, if cost is not the issue.
Hello,
As I was reading through your thoughts on the assigned article, I found that you had really taken an interest in the use of honeypots as a method of mitigating the damage of a Distributed Denial of Service attack, and for good reason! Honeypots can truly help an organization with a trained information security team better understand the anatomy and intentions of the cyber attack, and in many cases can also leave a trail back to the attacker. I can understand why you would advocate for this control!
The uniqueness of this topic was understanding that not all service interruptions are DOS attacks. For instance, faulty or shoddy coding and referrals from large sites may fool you into thinking that they are DOS attacks, yet they are just faults of employees.
DOS attacks attempt to make a server or network unavailable to legitimate users. In terms of the general goals discussed earlier, DoS attacks are ways of reducing availability. The ultimate goal of a DoS attack is to cause harm; this can be through attacks on critical services and degradation of services, culminating in losses related to online sales, industry reputation, employee productivity, or customer loyalty. Attackers often launch DoS attacks against an organization’s most important service. The most common service targeted by attackers is HTTP. Web services are a popular target because of the economic damage that can be done.
Hello Percy,
I agree with you that often times, DOS attacks are often misunderstood when there might be a genuine increase in the network traffic or coding mistakes from the employees. Ultimately, the goal of this type of attack is to affect the ‘availability’ factor as you mentioned, which is an equally malicious attack. The unavailability of critical services depending upon IT can cause massive losses in banking as well as healthcare industries which are incumbent upon IT for 24/7 services.
This article talks about DDoS (Distributed Denial of Service Attack). It also describes how attackers use this technique in order to gain unauthorized access to the system by using a handler to control the computer and sending the bots to computers acting as zombies to send tons of packets to the victims. One key point which I took from this reading is that although it is difficult to detect and mitigate this issue, organizations have to put in place control safeguards to protect against and detect DDoS. Applying alternate network paths is an example of how to reduce the risk of the attack. Also, using honeypots can be beneficial to learn and study how attackers use the pattern to attack.
Great point. One method of preventing distributed denial of service attacks is by achieving a multi-level protection strategy. This includes advanced intrusion prevention and threat management systems, made up of firewalls, VPN, anti-spam, content filtering, load balancing, and other layers of DDoS defense techniques. Together, they provide constant and consistent network protection to prevent a DDoS attack. Most of the standard network equipment comes with limited DDoS mitigation options, so firms can outsource some of the additional services. Also, these advanced mitigation and protection resources can be accessed through cloud-based service providers.
I’ve learnt from this article why it is hard to detect a DDoS attack and some practices to mitigate it. I found it interesting that there are many ways to mitigate this attack type; however, organizations rarely use them. For instance, a honeypot is an interesting technique which is basically a trap set to detect attack intentions and sources. Honeypots lure attackers into a system so that the administrator is able to watch the attacker exploit the vulnerabilities of the system; thereby they can find out where the weaknesses are and what needs to be patched. Or, the attacker can be detected while trying to access the system.
According to this report, distributed denial of service attacks are difficult to detect and mitigate because unsuspecting users’ computers are used as zombies to carry out the attacks against the victim server, making it almost impossible to trace down the actual attacker. Sometimes the attackers can decide not to use the zombie computers to communicate directly with the victim servers; instead they spoof the IP address of the victim server and send requests to a large number of reflector computers, thus triggering the reflectors to send large reply packets to victim servers.
Also, the report explained the two types of distributed denial of service attack as – attacks that target the network and choke the internet bandwidth used by the victim server, so that it cannot accept legitimate requests coming from genuine users through the internet gateway, and attacks that target the vulnerabilities in applications so as to stifle server resources like CPU, RAM, buffer memory, and immobilize the servers.
As I was looking over the assigned article titled An introduction to DDoS – Distributed Denial of Service Attack, I found myself reading many of the concepts and definitions that were touched upon in previous courses I had taken through my time in the IT Audit and Cyber Security program. Among the more interesting topics that the article touched upon which I enjoyed reviewing was the difference between the two different types of Distributed Denial of Service Attacks, one being an attack on the network’s bandwidth and the other being an attack on the server’s computational resources. The article also made mention of the ways that many organizations and websites mitigate the effects of a DDoS attack, through means such as implementing alternate network paths and load balancing to reduce the impact of the sudden increased traffic, or honeypots which allow the study of these attacks and their source.
Hi Imran, Organizations can also consider the DDoS-as-a-service as another method of preventing the DDoS attacks. This provides improved flexibility for environments that combine in-house and third-party resources, or cloud and dedicated server hosting. It ensures that all the security infrastructure components meet the highest security standards and compliance requirements. This model provides tailor-made security architecture for the needs of a company, making the high-level DDoS protection available to businesses of any size.
This article introduces us to Distributed Denial of Service or DDOS attacks. Distributed denial of service attacks can cause many computers to be attacked at the same time, making the target of the attack unusable. Distributed denial of service attacks have occurred many times, resulting in the inability the websites. Because zombie computers are hard to track down, DDOS attacks are hard to defend against. Two types of distributed denial of service attacks:
- Network-targeted attacks that block the Internet bandwidth used by the victim server.
Hi Junjie,
Thanks for pointing out the two types of distributed denial of service attack. But the target of a DDoS attack is also interesting, such as CCTVs. One noted attack peaked at around 20,000 requests per second, which came from around 900 CCTV cameras.
DDOS attacks are distributed denial of service attacks. This means that there is an attacker controlling a group of computers, typically belonging to an unknowing person whose computer got added to a zombie botnet, and the attacker is using the group to clog the resources of the victim. There are two different types, network-based attacks and application-based attacks. Network-based attacks use up all the bandwidth while the application attack uses up the resources of the computer, but both result in the victim being unable to handle the requests and crashing. The cloud paired with load balancing is one way to be able to scale up to stay online during a DDoS attack if it’s critical for the business to remain functional.
The article gives us an idea of what a DDoS attack is and how it works, with a fully detailed diagram. They discuss why DDoS attacks are hard to detect, as there are no fixed IP addresses from the attackers. They also discuss types of DDoS attacks and ways to solve the problem. Ways like identifying the pattern, alternating network paths, limiting rate, honeypot, caching aggressively, mitigating the risk to cloud service providers and protecting them in the first place can greatly prevent and mitigate the risk of a DDoS attack.
One issue I could see with mitigating it to the cloud is that if you get targeted on the cloud and begin to automatically scale, your cost for the cloud may soar and it could impact your business’s profitability if the attack keeps happening.
One key takeaway I took from this article was how undetectable a DDoS attack is, especially searching for the source of the attack. Since there is no fixed IP address/IP address series for the infected computers that connect to the internet via broadband connection, some computers may discover the attack and block it, but that doesn’t necessarily remove the threat entirely from the whole system because more computers run the risk of being infected by the attacker. I thought this was surprising because it just reinforces why an organization should have strong security software or implement a strategy such as rate-limiting/throttling to prevent this from happening to begin with.
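The rate-limiting/throttling strategy mentioned in the post above, as an added example that is not part of the thread or of the article under discussion: a per-source token bucket in Python, run over constructed traffic sized from the figures quoted earlier in the thread (about 20,000 requests per second from about 900 cameras). The legitimate load, the two limits tried and the source labels are assumptions.

```python
from collections import defaultdict

# Figures quoted in the thread; everything else below is a constructed assumption.
ATTACK_RPS = 20_000          # aggregate request rate of the attack
BOTS = 900                   # number of CCTV cameras taking part
USERS, USER_RPS = 50, 2.0    # assumed legitimate clients and their request rate
DURATION = 5.0               # seconds of traffic to simulate


class TokenBucket:
    """Refills at `rate` tokens per second, holds at most `burst` tokens."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        elapsed = now - self.last
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def build_traffic():
    """Constructed sample: evenly spaced requests per source, merged in time order."""
    events = []
    per_bot = ATTACK_RPS / BOTS              # about 22 requests/s per camera
    for i in range(BOTS):
        n = int(DURATION * per_bot)
        events += [(k / per_bot, f"cam-{i}", "attack") for k in range(n)]
    for i in range(USERS):
        n = int(DURATION * USER_RPS)
        events += [(k / USER_RPS, f"user-{i}", "legit") for k in range(n)]
    events.sort()
    return events


def simulate(limit_rps, burst):
    """Apply one token bucket per source; return {kind: [sent, admitted]}."""
    buckets = defaultdict(lambda: TokenBucket(limit_rps, burst))
    stats = {"attack": [0, 0], "legit": [0, 0]}
    for now, src, kind in build_traffic():
        stats[kind][0] += 1
        if buckets[src].allow(now):
            stats[kind][1] += 1
    return stats


if __name__ == "__main__":
    for limit in (50, 5):    # a loose and a strict per-source limit (assumed values)
        s = simulate(limit, limit)
        for kind, (sent, admitted) in s.items():
            print(f"limit={limit:>2} rps  {kind:<6} sent={sent:>6} "
                  f"admitted={admitted:>6} ({admitted / sent:.0%})")
```

Each camera contributes only about 22 requests per second, so the loose per-source limit admits the entire flood, while the strict one cuts it to roughly a quarter without touching the 2-requests-per-second clients.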
One key point from this article was the use of cloud-based services to host a website to help mitigate a DDoS attack. The main reason for doing this is that the service provider is equipped with specialists who are more familiar with protecting against DDoS, should these resources not be available to the business in-house, but the cost for this type of service may be an issue for some. I thought this was an interesting mitigation technique because switching from an in-house service to cloud-based seems to also open the door for other risks, even if it does help mitigate DDoS.
Hi Sarah!
I definitely agree with your point. A lot more security would have to be in place with a cloud-based versus an in-house service. I’m assuming some organizations may find it more convenient which is why they switched to a cloud-based service.
Best,
Natalie Dorely
DDoS attacks are interesting attacks because they deal with the throttling of network power and capabilities. This is a fairly harmless attack until your wireless power is rendered completely useless. This is much different from a traditional attack because there is not an emphasis on the information. I would say the prevention methods are also very unique in that they look at the actual traffic and usage of the network, regulating what should and should not be using the network. Deciphering between the correct and incorrect users is a very interesting addition to the security arsenal.
Good summary. The DDOS attack is characterized by its difficulty in tracing, and its attack is to disable servers rather than directly steal or destroy data. According to the content of chapter 1, we need to know our possible attacked environment to determine the motivation of DDOS attack to protect and detect.
DDoS is considered the most common and dangerous attack, and still there are few and radical safeguards like reboot or blackholing (drop all packets).