What is a DDoS Attack?

The machines we love to hate

Moderator: Wiz Feinberg

George Redmon
Posts: 3547
Joined: 8 Apr 2005 12:01 am
Location: Muskegon & Detroit Michigan.


Post by George Redmon »

When I try to log into a site that I use, a warning comes up that they are under a DDoS "distributed denial of service" attack. What is this? Could this happen to the forum, or even an individual? Is this some kind of new website virus? Tried reading about it, but it made me even more confused.
Wiz Feinberg
Posts: 6113
Joined: 8 Jan 1999 1:01 am
Location: Mid-Michigan, USA

Post by Wiz Feinberg »

A DDoS is a denial of service assault against a website, or server, or router, or even an entire Country. The reasons that miscreants use for launching these attacks vary, from revenge, to blackmail, to notoriety, to political causes, to hiding atrocities being committed by Governments against their own citizens, to toppling those Governments. Russia used a DDoS attack against Georgia as the tanks began rolling toward that Country. Hackers and cybercriminals were hired to launch an orchestrated DDoS attack targeting the IP addresses of the primary routers and the Georgian Government domain extensions. The flow of incoming packets overloaded the main routers and the Internet went dark for many hours, until the Russian tanks and troops were in the Capital. The same thing will happen again if they decide to attack Ukraine, full scale.

Hackers and cybercriminals deploy attack tools on infected computers in botnets, or botted smartphones, to launch billions of requests for web pages per second (dozens to hundreds of Gigabytes per second), in such a huge continuous volume that the targeted server or router is overloaded, cannot respond at all and crashes.

While it is possible to target a home user's IP address, their ISP would normally try to deflect the attack before it reached the user. But, they might suspend the user's account until they found out what attracted such unwanted attention.

Personal DDoS attacks, though rare, are usually carried out by hackers against other hackers, as payback for stepping on their virtual toes. More often than that, disgruntled hackers use Swatting against their targets.

DDoS attacks against individual websites usually cause collateral damage to other accounts hosted on shared servers. If a shared hosting account on a major hosting company is targeted, hundreds of non-related sites will also go offline, until the attack ends, or is completely deflected.

You asked if DDoS is a virus. In a way it is, in that the attacking computers and smart devices have been drafted into botnets that are used in the attacks. The drafting happens from unsuspecting computer and smartphone users clicking on things that they shouldn't have, or from having vulnerable software running in their web browsers (like Java).
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
George Redmon
Posts: 3547
Joined: 8 Apr 2005 12:01 am
Location: Muskegon & Detroit Michigan.

Post by George Redmon »

WOW, I never heard of such a thing. That explains it, thank you so much for taking a moment and explaining this to me. Sounds like warfare. Thank You Wiz.
Wiz Feinberg
Posts: 6113
Joined: 8 Jan 1999 1:01 am
Location: Mid-Michigan, USA

Post by Wiz Feinberg »

DDoS attacks are known as "cyber-warfare." As I pointed out in my earlier reply, they are sometimes a prelude to actual warfare. Denial of service against a business website can cause huge financial losses in a short period of time.
Dave Potter
Posts: 1565
Joined: 15 Apr 2003 12:01 am
Location: Texas

Post by Dave Potter »

My life includes the time before there WAS an "internet", and therefore, no DDoS attacks.

It was a more pleasant time to be alive.
Wiz Feinberg
Posts: 6113
Joined: 8 Jan 1999 1:01 am
Location: Mid-Michigan, USA

Post by Wiz Feinberg »

Dave Potter wrote: My life includes the time before there WAS an "internet", and therefore, no DDoS attacks.

It was a more pleasant time to be alive.

I am also from the time before the Internet, such as we know it now. Back then, it was called ARPANET and was managed by the Department of Defense. I was involved with Civil Defense during the Cold War and the Cuban Missile Crisis. I knew then and still know now that a strong enough EMP bomb can knock out all radio/TV wave communications, as well as computers, the Internet and cellphones. DDoS attacks are usually carefully targeted at particular web servers, domains, or IP addresses. EMP detonations are totally indiscriminate, taking out all communications other than soup cans on wires or messages in bottles.

I lived through a reality back then that most young folks today think of as science fiction. ICBMs with multiple warheads are not science fiction. Insane people with total power and missile launch codes are a lot more dangerous than cybercriminals and hacktivists with botnets of infected computers.