Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
SYS-CON.TV
Today's Top SOA Links


An Overview of DDoS Attacks | @CloudExpo #Cloud #Security #DataCenter
Cloud computing provides access to multiple virtual machines with many having unique public facing IP addresses

Powerful Denial of Service attacks are becoming increasingly common. A Distributed Denial of Service attack is when the attacker uses multiple machines to flood the resources of the target to overwhelm it and deny the legitimate users access to the service. The DDoS attack on Dyn in October 2016 was one of most powerful attacks in history. Many DDoS attacks can be thwarted to a large extent by increasing the system’s capacity during an attack, but that is not a solution because it still causes monetary losses.

DDoS attacks typically employ three methods:

  1. Finding a vulnerability in the victim’s service
  2. Finding an endpoint in the victim’s service that is computationally heavy (for example, a login system that uses a slow hashing algorithm) but without a rate limit and abusing it
  3. Depleting the available bandwidth of the victim’s service

Cloud computing provides access to multiple virtual machines with many having unique public facing IP addresses. These virtual machines, however, are a goldmine of “zombies” for an attacker. Attackers are always doing automated scans on the internet for easily exploitable machines and put them to use as “zombie machines” in an attack. These machines form a part of botnets, which are available for lease in the dark web for anyone willing to go down that path! Botnets as a Service (BaaS?) are a reality now.

Cloud providers are very active in taming these bots. They lock down any virtual machine that exhibits abnormal behavior. Such botnets are hard to detect though, because they can remain dormant for a long time and take turns in collaborative attacks, thus never raising any suspicions towards their behavior. The idea is to find machines with known vulnerabilities. It is absurd that so many machines are still left open in the wild to be exploited.

Some scan strategies employed by attackers are:

  1. Random scan: In this strategy, many hosts scan the whole IPv4 address space. IPv6 space is protected from this type of scan since it is too large to operate on effectively.
  2. Hitlist scan: This scan works on a list of machines that the attacker wants to pwn. When a vulnerable machine is detected and pwned, the attacker sends a part of the list to that machine to operate on.
  3. Route-based scan: This type of scan uses BGP routing prefixes to reduce the address space.
  4. Divide and Conquer scan: In this strategy, different hosts act on different parts of the address space.
  5. Topological scan: This scan uses the information on the compromised host to select new targets. All email worms work in this way by exploiting the address books.
  6. Local Subnet scans: This type of scans use any of the above defined techniques to find out vulnerable machines in the local network of a compromised host. This is effective when all machines in the subnet do not have a publicly accessible IP address and thus cannot be attacked directly.

It is also important to make a distinction between the hosts and the victims in a DDoS attack, because sometimes the hosts themselves are the ones attacked. While hosts are usually used as “zombies” in DDoS attacks, they can be the victims themselves. While having control over a host, the attacker can:

  1. Use fork() bombs, in which a process is made to replicate itself continually until the machine freezes up
  2. Intentionally generate errors to fill up the logs and thus, depleting the disk space to cause the application to crash
  3. Execute a simple shutdown, taking that node down.

DDoS attacks are becoming a menace. As difficult as it is, safeguarding their web services against such attack should be a top priority of any sysadmin. Several steps can be taken to mitigate them, like subscribing to more bandwidth, upstream blackholing or using a third-party frontline defense like Cloudflare.

About Harry Trott
Harry Trott is an IT consultant from Perth, WA. He is currently working on a long term project in Bangalore, India. Harry has over 7 years of work experience on cloud and networking based projects. He is also working on a SaaS based startup which is currently in stealth mode.

Web 2.0 Latest News
These days attacks are becoming more sophisticated and more common. Mobile devices, cloud computing and the Internet of Things have increased the number of access points that must be secured. To complicate matters, CISOs are been directed to secure system without compromising the seaml...
There's an impulse to roll one's eyes and think of legacy applications as problematic, almost by definition. They're old, and they may run on hardware that's slower or more difficult to maintain. But in many instances, that's too simplistic an assessment. Would you respond the same way...
While marketing automation by itself is extremely powerful and is mostly based in the cloud, the effectiveness of such strategies can be enhanced by leveraging the benefits that cloud computing offers. Not too long ago, marketers had to inevitably choose between two options - keep mark...
My daughter is taking a class on entrepreneurship in her senior year of high school (yep, that’s the Silicon Valley for you). She loves the class, the energy of the teacher, and the creativity associated with the subject. As a result, we have had several conversations about what does i...
The origins of SAP GRC software goes back decades, but adoption has been slow. But with the rigor of modern compliance regimes like SOX, coupled with the sheer volume and complexity of online transactions, there’s been an accelerating movement away from document-centric review processe...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021




SYS-CON Featured Whitepapers
ADS BY GOOGLE