Help me understand wat a ddos attack is

[bdcjacko]

See I come from a time when Dos was an operating system. I did a bit of research, and I think I understand the basics. It is a denial of service attack. And it sounds like the attacker is throwing useless info at a server to crash it. That doesn't sound all that savvy of an attack, but I could be wrong.

But is it basically like having like a bunch of people showing up to a store and blocking the entrance so the people who actual want to use the store can't get in? Is that right or is there something else to it?

edit: fyi this thread is now 20+ replies, so read it before you quote me and tell me the same information.

If you are thinking of quoting me to answer the question, don't.

 

[Chappy]

It is a Denial of Service attack where the server of the website in question will be overloaded by the amount of requests it recieves and if I'm right most of the 'attacking' computers will probably be infected before hand by the hackers/hacker and used just as anouther weapon.

However I do believe you can buy software that can counter or attempt to redirect some of the traffic in case of these attacks?

From what I understand though even if you have such a software you can never be fully protected as it is very very difficult to defend against a attack afaik.

Oh and correct me if I'm wrong I'm not a tech-expert or anything.^^

 

[Lancer873]

When you connect to a site... there's basically like a conversation between your computer and the server it's communicating with. Your computer says "Hi!" the server responds "Hello! What do you need?" then your computer says "I need this stuff" and the server sends it that stuff. The server can only respond to so many people saying "Hai!" at a time, though that number is quite high. A DDOS attack is basically several external servers saying "HI!!!" over and over again, until the server can't handle all the requests. The result is that actual people's computers saying "Hi!" to the server don't get a response, because the server is so busy with all the other "people" saying "Hi!"

 

[Kopikatsu]

How does DDOS stand for Denial of Service? Or is it just because DOS is already used? (I know that it DOES stand for that, but I mean I don't get it.)

 

[HassEsser]

How does DDOS stand for Denial of Service? Or is it just because DOS is already used?

Because DDoS really stands for distributed denial-of-service attack, instead of denial of service attack (but it doesn't really matter).

 

[dyre]

And it sounds like the attacker is throwing useless info at a server to crash it. That doesn't sound all that savvy of an attack, but I could be wrong.

I think it's more like the attacker requests a lot of info from the server, and the server can't handle all the requests.

But you're right, it's a very basic kind of attack that doesn't really have any long term consequences.

 

[More Fun To Compute]

I don't know if it's especially savvy. The idea is that the person doing it has hacked a lot of systems beforehand then tells them to flood a server. It has been used as an extortion racket where commercial sites are attacked then told that it will stop if they hand over money rather than just for the "lulz." Lulz are not something that is seen as a particularly savvy mode of operation unless regarded from something more like dadaist standpoint than from some sort of profit motive.

 

[PiOfCube]

Here's a great podcast by Steve Gibson on the TWiT network about DDoS attacks and what they are... It's one of the very first broadcasts they did on "Security Now":

http://twit.tv/sn8

 

[The Unworthy Gentleman]

It is a denial of service attack. And it sounds like the attacker is throwing useless info at a server to crash it. That doesn't sound all that savvy of an attack, but I could be wrong.

You've pretty much got it there. A computer sends out multiple requests to load a website and the server has too much to deal with and shits itself. A lot of the time people will group together to do this so that there is no chance of people from getting on.

Lulzsec doesn't usually use DDoS attacks to get their lulz, they actually hack the system and take information, however this was Titanic Takedown Tuesday and they just wanted to take multiple sites down, not take all the information. There isn't much you can do with user information on The Escapist, as long as you aren't using the same password for multiple sites.

Considering that Lulzsec never expressed any interest in The Escapist or similar services before and that they've already had lulz at us being down and out for a few hours, I wouldn't expect them to attack again. That said, they currently dominate the seven proxseas and aren't restricted by anything.

 

[Pyro Paul]

See I come from a time when Dos was an operating system. I did a bit of research, and I think I understand the basics. It is a denial of service attack. And it sounds like the attacker is throwing useless info at a server to crash it. That doesn't sound all that savvy of an attack, but I could be wrong.

But is it basically like having like a bunch of people showing up to a store and blocking the entrance so the people who actual want to use the store can't get in? Is that right or is there something else to it?

basically, yes.
the most basic function of the 'Distributed Denial of Service' (DDoS) attack is to shut down the intended website preventing legitimate users access.

However DDoS attacks often are just the spearhead of a cyber-attack.

People that continually try and access the server or try and figure out why they can't access the server open themselves up to possible infections from keyloggers and viruses. And while a majority of the electronic responce focuses on either trying to keep the server up or bandwidth consumption, key attacks on critical systems go by un-noticed.

so like in your analogy...
the DDoSers show up to the front of a store and block the entrance... people confused at whats going on start asking questions to the people blocking the door opening themselves up to get mislead or pick-pocketed... and all the while as every one looks to the front of the store, a handful of people pick the lock on the back door and get in un-noticed.

 

[bdcjacko]

A DDoS attack is when a group of computers all repeatedly request that a webpage be loaded, thus overloading the server. They request the page very fast so the server will be overwhelmed with tend of thousands of requests.

A server can only accommodate so many requests at a time and exceeding that will block other users from accessing the cite at the very least. In more severe cases it can overload the server enough to cause a crash or even physical overheating in poorly ventilated servers.

If you have any further questions I can make my Uni's lecture notes available to you.

I think it's more like the attacker requests a lot of info from the server, and the server can't handle all the requests.

But you're right, it's a very basic kind of attack that doesn't really have any long term consequences.

Oh, so it is more like calling the store and jamming up all its phone lines for an afternoon or whatever? But either way...it sounds like a brute force type attack that you basically just need the right equipment for?

 

[bdcjacko]

See I come from a time when Dos was an operating system. I did a bit of research, and I think I understand the basics. It is a denial of service attack. And it sounds like the attacker is throwing useless info at a server to crash it. That doesn't sound all that savvy of an attack, but I could be wrong.

But is it basically like having like a bunch of people showing up to a store and blocking the entrance so the people who actual want to use the store can't get in? Is that right or is there something else to it?

basically, yes.
the most basic function of the 'Distributed Denial of Service' (DDoS) attack is to shut down the intended website preventing legitimate users access.

However DDoS attacks often are just the spearhead of a cyber-attack.

People that continually try and access the server or try and figure out why they can't access the server open themselves up to possible infections from keyloggers and viruses. And while a majority of the electronic responce focuses on either trying to keep the server up or bandwidth consumption, key attacks on critical systems go by un-noticed.

so like in your analogy...
the DDoSers show up to the front of a store and block the entrance... people confused at whats going on start asking questions to the people blocking the door opening themselves up to get mislead or pick-pocketed... and all the while as every one looks to the front of the store, a handful of people pick the lock on the back door and get in un-noticed.

That makes sense. It is a real douche move, but that makes sense.

 

[Speakercone]

A DDoS attack is when a group of computers all repeatedly request that a webpage be loaded, thus overloading the server. They request the page very fast so the server will be overwhelmed with tend of thousands of requests.

A server can only accommodate so many requests at a time and exceeding that will block other users from accessing the cite at the very least. In more severe cases it can overload the server enough to cause a crash or even physical overheating in poorly ventilated servers.

If you have any further questions I can make my Uni's lecture notes available to you.

I think it's more like the attacker requests a lot of info from the server, and the server can't handle all the requests.

But you're right, it's a very basic kind of attack that doesn't really have any long term consequences.

Oh, so it is more like calling the store and jamming up all its phone lines for an afternoon or whatever? But either way...it sounds like a brute force type attack that you basically just need the right equipment for?

In this case, the right equipment can be something as stupid as a small batch file. There's even youtube videos that show you how to write these.

What makes a DOS attack into a DDOS attack is if the activity is conducted by many computers instead of only one. The reason for doing this is that the server activity shows up as 10,000 computers all trying to access the server at once instead of one computer trying to access the server 10,000 times. Net effect is the same.

check out http://en.wikipedia.org/wiki/Botnet for an extra titbit of information

 

[hydroblitz]

Okay, imagine the server of the website is a boat, floating along. now imagine a gigantic mob of people with intent to sink the boat jumping on at once. the boat wasn't built to handle all of those people at once, and it sinks. that's the analogy I use.

 

[Spoonfoon]

DDoS is what wannabe hackers do to make it look like they're hardcore...

 

[The Random One]

I would describe it as a bunch of people showing up at a store and asking to break a fifty. The clerks are all busy doing something that doesn't benefit the store at all while people who want to buy stuff can't do it, or at least have to wait much longer than usual.

Shit, that was a brilliant metaphor.

 

[bdcjacko]

ok, i am bored of this now.

 

[hydroblitz]

I would describe it as a bunch of people showing up at a store and asking to break a fifty. The clerks are all busy doing something that doesn't benefit the store at all while people who want to buy stuff can't do it, or at least have to wait much longer than usual.

Shit, that was a brilliant metaphor.

Damn. your's is better...

 

[PinkiePyro]

my way as seeing it as
think of a server as a table and computers acessing the server as stuff on the table
a ddos attack is when some troll(s) pile on so much stuff on the table it breaks

the actual attack can be seen as while everyone else is gluing/nailing the table back together the troll(s) run off with one of the legs (or other important part)