On February 6th, 2000
yahoo portal was shut down for 3 hours. Then retailer Buy. Com Inc. (BUYX) was
hit the next day, hours after going public by that evening, eBay (EBAY), amazon.com
(AMZN) ,and CNN (TWX) had gone dark. And in the morning, the mayhem continued
with online broker E* trade (EGRP) and others having traffic to their sites
virtually chocked off.
How a denial of service attack
works
I n a typical connection, the
user sends a message asking the server to authenticate it. The server returns
the authentication approval to the user. The user acknowledges this approval
and then is allowed on to the server in a denial of service attack, the user
sends several authentication requests to the server, filling it up. All
requests have false return address so the server can’t find the user when it
tries to send the authentication approval. The server wants, sometimes more
than a minute, before closing the connections. When it does close the
connection, the attacker sends a new batch of forged request, and the process
begins again- typing up the service indefinitely
TYPICAL CONNECTION:
HOW TO BLOCK A
DENIAL OF SERVICE ATTACK
One of the more
common methods of blocking a denial of service attack is to set up a filter, or
“sniffer” on a network before a stream of information reaches a sites web
servers. The filter can
Look for attacks by noticing patterns or
identifiers contained in the information.
If a pattern comes in frequently, the filter can be instructed to block
massages containing that pattern comes in frequently; the filter can be
instructed to block messages containing that pattern, protecting the web
servers from having their lines tied up.
No comments:
Post a Comment