Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
SYS-CON.TV
Today's Top SOA Links


An Overview of DDoS Attacks | @CloudExpo #Cloud #Security #DataCenter
Cloud computing provides access to multiple virtual machines with many having unique public facing IP addresses

Powerful Denial of Service attacks are becoming increasingly common. A Distributed Denial of Service attack is when the attacker uses multiple machines to flood the resources of the target to overwhelm it and deny the legitimate users access to the service. The DDoS attack on Dyn in October 2016 was one of most powerful attacks in history. Many DDoS attacks can be thwarted to a large extent by increasing the system’s capacity during an attack, but that is not a solution because it still causes monetary losses.

DDoS attacks typically employ three methods:

  1. Finding a vulnerability in the victim’s service
  2. Finding an endpoint in the victim’s service that is computationally heavy (for example, a login system that uses a slow hashing algorithm) but without a rate limit and abusing it
  3. Depleting the available bandwidth of the victim’s service

Cloud computing provides access to multiple virtual machines with many having unique public facing IP addresses. These virtual machines, however, are a goldmine of “zombies” for an attacker. Attackers are always doing automated scans on the internet for easily exploitable machines and put them to use as “zombie machines” in an attack. These machines form a part of botnets, which are available for lease in the dark web for anyone willing to go down that path! Botnets as a Service (BaaS?) are a reality now.

Cloud providers are very active in taming these bots. They lock down any virtual machine that exhibits abnormal behavior. Such botnets are hard to detect though, because they can remain dormant for a long time and take turns in collaborative attacks, thus never raising any suspicions towards their behavior. The idea is to find machines with known vulnerabilities. It is absurd that so many machines are still left open in the wild to be exploited.

Some scan strategies employed by attackers are:

  1. Random scan: In this strategy, many hosts scan the whole IPv4 address space. IPv6 space is protected from this type of scan since it is too large to operate on effectively.
  2. Hitlist scan: This scan works on a list of machines that the attacker wants to pwn. When a vulnerable machine is detected and pwned, the attacker sends a part of the list to that machine to operate on.
  3. Route-based scan: This type of scan uses BGP routing prefixes to reduce the address space.
  4. Divide and Conquer scan: In this strategy, different hosts act on different parts of the address space.
  5. Topological scan: This scan uses the information on the compromised host to select new targets. All email worms work in this way by exploiting the address books.
  6. Local Subnet scans: This type of scans use any of the above defined techniques to find out vulnerable machines in the local network of a compromised host. This is effective when all machines in the subnet do not have a publicly accessible IP address and thus cannot be attacked directly.

It is also important to make a distinction between the hosts and the victims in a DDoS attack, because sometimes the hosts themselves are the ones attacked. While hosts are usually used as “zombies” in DDoS attacks, they can be the victims themselves. While having control over a host, the attacker can:

  1. Use fork() bombs, in which a process is made to replicate itself continually until the machine freezes up
  2. Intentionally generate errors to fill up the logs and thus, depleting the disk space to cause the application to crash
  3. Execute a simple shutdown, taking that node down.

DDoS attacks are becoming a menace. As difficult as it is, safeguarding their web services against such attack should be a top priority of any sysadmin. Several steps can be taken to mitigate them, like subscribing to more bandwidth, upstream blackholing or using a third-party frontline defense like Cloudflare.

About Harry Trott
Harry Trott is an IT consultant from Perth, WA. He is currently working on a long term project in Bangalore, India. Harry has over 7 years of work experience on cloud and networking based projects. He is also working on a SaaS based startup which is currently in stealth mode.

Web 2.0 Latest News
Having a well-rounded brand strategy helps you identify the marketing channels you must focus on, and defines every aspect of how your business is viewed by your customers. Marketing and advertising is an integral component of every business. The US Small Business Administration reco...
When you work with React app, it normally needs some data from the server to store it for immediate use (e.g., show it on the page). If the app works with some complex relational database the work than may be a bit challenging. In this article I am going to describe the issues with org...
Technology integration is complex and an evergreen business challenge for IT teams. Enterprises setup manual & point to point connections to exchange data from business partners. However, data disruptions emerge when the business IT systems expand and prevents organizations from sharin...
There's an impulse to roll one's eyes and think of legacy applications as problematic, almost by definition. They're old, and they may run on hardware that's slower or more difficult to maintain. But in many instances, that's too simplistic an assessment. Would you respond the same way...
Commerce has become both digital and global: Online sales are expected to exceed $1.6 trillion dollars by 2020. As a customer preferred way of doing business, ecommerce offers increased selection, value, and convenience. Online shopping also offers merchants increased access to custome...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021




SYS-CON Featured Whitepapers
ADS BY GOOGLE