DDoS Attacks (Part I) - Staying Master of Your Domain

DDoS Attacks (Part I) - Staying Master of Your Domain. IMG: (J. Anderson)

A recent spate of attacks launched in April involved the use of distributed denial of service (DDoS) attacks on the DNS server of a well-known worldwide organization. This blitz worked in achieving every goal a “hacktivist” could dream of: garnering global attention through strategic targeting to raise awareness for its cause.

Needless to say, DDoS attacks are now top of mind for every company in terms of securing their online presence. But not every company knows what is at risk – and more importantly – what they can do to keep their organization safe and secure. This is why over the next few weeks, I’ll be discussing:

- Examples of what can be targeted during a DDoS attack

- What your organization can do in the short term

- How you can protect your online presence in the long term

First and foremost, let’s talk about the most commonly targeted piece of equipment today. Pity the poor DNS: It’s critically important for every online operation, and yet it gets so little respect.

DNS, or the Domain Name System, is a hierarchical distributed naming system for just about any resource on the Internet, from servers to services, directly connected to the Internet, or even a private network. Since there are domain names associated with each entity in a network, a DNS request translates queries into IP addresses to identify other devices and services across the Internet. Simply put, DNS is the phone book of the Internet era.

Unfortunately, there’s one group of people that definitely respects the value of DNS: hackers. This is particularly true of the sub-group generally referred to as hacktivists. For the most part, these are not for-profit criminals out to steal information they can then misuse, or sell to others who will; they’re like-minded, loosely affiliated individuals who work together to target corporations and government agencies because they want to bring attention to a particular cause or just draw attention to their prowess.

Whatever the motive, these individuals understand that the effects of targeting DNS can be devastating, and they have made attacks on DNS their weapon of choice. They know that by taking out a DNS server, they’ve taken out the organization.

Perhaps the most popular tool among hacktivists to be aware of is the LOIC, or the Low Orbit Ion Cannon, an open-source network stress testing and DOS application that’s now available on numerous open-source platforms. The LOIC tool has been used very publicly against DNS servers, but it’s important to remember that attacks using this tool can be quite specifically aimed at other “sleeper targets” as well: e-mail, Web applications, IPv6 and firewalls.

For example, hacktivists understand that e-mail servers are a company’s communications lifeline. Disabling the e-mail server in any form can cripple every aspect of daily operations. A connection/syn floods on common mail ports, such as POP3, IMAP and SMTP is one of the simplest ways hacktivists can shut down all e-mail correspondence. But also be aware that some DDoS attacks go directly for the webmail URL, which prevents employees from using webmail apps. Using the LOIC is particularly effective in this category.

Another favored target is the Web application — a target-rich area, since most organizations typically have so many. From login forms to search pages, many of these interface directly with a key internal database. A targeted hacktivist attack looking to exploit the Web app can disable a database, which in some cases effectively disables the corporate site, and ultimately hampers critical business functions.

Many sites also use third-party pages, or widgets. Sophisticated hacktivists conduct detailed page analyses to identify outgoing communications, then focus on taking those components out. Site visitors then find each page slow or even unable to load.

Firewalls are even more problematic. These are an essential component of virtually every information security program — they allow specific network transmissions while denying unauthorized access. Yet an attack that looks to create an all-purpose block prevents external corporate offices from getting online, and the firewall becomes a significant liability. In these attacks, the key is to drive the use of the firewall’s CPU up to 100 percent, or full capacity. In other words, the very devices and services used to defend against external threats now serve to compound those attacks.

For the record though, it’s not all doom and gloom. There have been enough of these DDoS attacks in the industry to get a sense of how organizations should respond — along with what they do right and what mitigation techniques work in protecting against a DDoS attack. Stay tuned for more information, and I’ll look to give you the best practices I have seen so far to immediately address a DDoS attack in the short term, and what you really need to do to fully address the problem.

Miguel Ramos is the Senior Product Manager of Neustar, Inc., a provider of real-time information and analysis to the Internet, telecommunications, entertainment, advertising and marketing industries throughout the world.

Like this article? Please share on Facebook and give The Tech Herald a Like too!

From our Other Sites

Man Makes Tiny Edible Pancakes with Tiny Kitchen Tools (Video)

This Japanese guy cooks up some pancakes…nothing special there right? Well he uses tiny implements to do it and makes perfect little pancakes. Kinda cool and they look tasty!

What Color is this Dress?

White and Gold or Blue and Black?
Well this one has been trending all over the web, just what color is this dress? It all started in Scotland when the mother of a bride-to-be sent a picture to her daughter asking what she thought of the dress. The bride and groom each saw the image differently, this then got posted online and picked up by some viral sites. The lighting in photo is probably  causing different people to see it as either white and gold or blue and black. Prof Stephen Westland, chair of color science and technology at a University in the UK told the BBC that it was impossible to see what other people see but that it was most […]

McLaren 675LT Pictures

Some great shots of the forthcoming McLaren 675LT. This coupe will get you to 60mph in less than 2.9 second and go all the way to 205mph.

McLaren 675LT Details

McLaren’s 675LT will debut at this year’s Geneva show and promises some eye-popping performance. The coupe only 675LT has a 3.8 liter V8 that will get you from 0-60mph in less than 2.9 seconds and to 124mph in less than 7.9 secondsMore than a third of the parts have been changed compared with its stable mate […]

McLaren 675LT Wallpaper

Some cool McLaren 675LT Wallpaper. The McLaren 675LT is the latest coupe to come from the supercar maker and has a top speed of 205mph.Click on an image to open a page with multiple sizes that you can download to use as wallpaper for your mobile or desktop.More McLaren Wallpaper.

Octopus hunts on land, grabs crab (Video)

This crab is minding its own business searching the rock pools for food when suddenly an octopus leaps out of the water and grabs it. The amazing thing is that the octopus does not just jump on the crab it actually pulls it all the way back to the rock pool it came from. If you check the second video you will see it is not unknown for octopus to come out of the water and the one in the second video has a crab with it, though is not hunting one! Octopus Walks on Land at Fitzgerald Marine Reserve The video was taken by Porsche Indrisie in Yallingup, Western […]

Stunning Mars Rover Selfie

This image by the Curiosity Mars rover is not exactly your typical selfie. It is made up of a bunch of images taken by the rover during January 2015 by the Mars Hand Lens Imager. This (MAHLI) camera is at the end of the robot’s arm. For a sense of scale the rover’s wheels are about 20 inches diameter and 16 inches wide. Check the annotated image below for more information on the surroundings. Also if you really want to see some detail click this very large image, 36mb, at NASA.  

How the Sahara Helps Feed the Amazon (Video)

Sahara to Amazon
This cool video from NASA shows how dust is transferred across the Atlantic to the Amazon rainforest and helps nourish the plants growing there. For the first time scientists have measured the amount of dust and the amount of phosphorus in the dust. The later acts like a fertiliser and helps replenish the phosphorus the rainforest loses each year, around 22,000 tons. Amazing how something we perceive as being desolate like a desert actually has an important role in sustaining somewhere we see as teeming with life. Image and video from NASA’s Goddard Space Flight Center.

Bouncing Laser Guided Bomb (Video)

This amazing video shows a laser guided bomb bouncing back up after hitting its target. We actually think this is a non-explosive bomb designed to test guidance systems but it is still pretty remarkable and somewhat scary.

South Koreans Swallowed by Sinkhole (Video)

Thankfully the couple survived their adventure.
This amazing footage taken from the CCTV on a passing bus shows the moment two pedestrians in South Korea fall down a sinkhole in the street! Rescue workers managed to save the pair, who were treated in a nearby hospital for minor injuries. According to reports the city authorities and the Korean Geotechnical Society are looking into the cause.