On August 6 last, there was what has been described as a distributed denial of service attack directed by individuals against major public websites and designed to silence one person.
In the process, this attack took down Twitter, the microblogging site, and severely impacted Facebook (the Liveblogging blog platform was also targeted but seemed to fare better than the other two). Now, one might ask what that means for the enterprise user, and I would argue: quite a bit.
The fact is that, as was seen with the Estonian debacle perpetrated by a lone attacker, considerable damage can be done to public sites over public infrastructure through distributed denial of service attacks (DDoS).
Many wags have argued that, while Facebook was hard to access and Twitter was inaccessible, office productivity across the wired world soared. The fact remains that in this case it was just social networking that was targeted, but what of something important? What if emergency services, public administration or some other important service were hit? Would people take notice?
The reasons that DDoS attacks occur are manifold and not to be tackled here. What is important is how individuals without massive financial or physical resources can carefully craft code to infect machines around the world, co-opt them into a zombie network and then use that network to host and propagate DDoS attacks.
With this relatively easy inroad to DDoS available, the onus should be on the IT sector to guard against such things. There are a number of measures available to mitigate the effectiveness of such attacks.
One such measure is to ensure that packet filtering solutions will not forward IP packets that have malformed or otherwise tampered-with sender IP addresses. One of the most common characteristics of DDoS attacks is that the packets flooding the destination have spoofed originating or sender IPs. Most methods for doing this leave some evidence that can be searched for using established packet filtering techniques, or specific DDoS prevention tools.
With this tactic, network operators would stop such spoofed-address packets from transiting or leaving their networks. This would be a major step in containing DDoS attacks and preventing them from reaching destination addresses.
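A minimal sketch of the source-address check described above, added here as an illustration and not taken from any filtering product: it parses the IPv4 header of an outbound packet and forwards it only if the header is well formed and the sender address belongs to the network's own prefixes. The prefixes, the helper names and the sample packets are constructed assumptions.

```python
import ipaddress
import struct

# Assumption: the prefixes assigned to this network (documentation ranges, constructed).
LOCAL_PREFIXES = [
    ipaddress.ip_network("198.51.100.0/24"),
    ipaddress.ip_network("203.0.113.0/25"),
]


def build_ipv4_header(src, dst):
    """Constructed test input: a bare 20-byte IPv4/UDP header, checksum left at 0."""
    return struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed,
    )


def egress_verdict(packet, local_prefixes=LOCAL_PREFIXES):
    """Return (forward, reason) for a packet about to leave the network."""
    if len(packet) < 20:
        return False, "truncated header"
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        return False, "malformed header"
    src = ipaddress.IPv4Address(packet[12:16])  # source address field
    if any(src in net for net in local_prefixes):
        return True, "source inside local prefixes"
    return False, "spoofed source %s" % src


def filter_egress(packets):
    """Split a batch into forwarded packets and a list of drop reasons."""
    forwarded, dropped = [], []
    for pkt in packets:
        ok, reason = egress_verdict(pkt)
        if ok:
            forwarded.append(pkt)
        else:
            dropped.append(reason)
    return forwarded, dropped


if __name__ == "__main__":
    batch = [build_ipv4_header(s, "192.0.2.1")
             for s in ("198.51.100.7", "10.1.2.3", "203.0.113.200")]
    kept, drops = filter_egress(batch)
    print(len(kept), "forwarded;", drops)
```

The drop reasons are worth logging at the network edge: a steady stream of out-of-prefix source addresses from one segment is a strong hint that a machine there has been co-opted.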
There are many other ways of preventing the creation and spread of DDoS attacks, such as attack pattern recognition, restrictive rights policies and more. SANS.org has much useful information on the topic, as do a host of other security and network information sites.
However, there is another crucial element in this equation and that is the private end user. The private end user is often the one who has bought a PC from a large vendor and has neither the nous




