How your company can prevent a MasterCard.com-style DDoS attack
By Redspin Inc.
After MasterCard shut down Wikileaks.org’s merchant account, an anonymous group of “hackers” who collectively call themselves “Anonymous” decided to exact some vigilante justice against the evil, speech-suppressing corporation. Of course, MasterCard, PayPal, PostFinance.ch, Visa.com, and Amazon.com – the other targets in what is being called “Project Payback” – were instructed by the State Department to cease doing business with Wikileaks.org on the grounds that it was engaging in illegal activities, but that has not stopped the anonymous hacker group from organizing and successfully taking down many of these websites, as well as the corporate website of the lawyer for the two women pressing charges against Wikileaks founder Julian Assange.
The most interesting feature of the attacks on Mastercard.com and Visa.com so far is that they display a significant lack of technical sophistication. No “hacking” in the sense of breaking into services or exploiting vulnerabilities is involved. Instead, the attackers use a blunter, brute-force approach. Technically, a Distributed Denial of Service (DDoS) attack involves saturating a server with legitimate-looking traffic until it is overloaded and stops working. Because a single residential connection cannot generate enough traffic to cause a significant disruption, the attack is distributed among many connections, producing a surge in traffic that shuts down the site. As you can see in the picture above, Project Payback instructs attack participants to set their LOIC “HIVE” server to loic.anonops.net, channel #loic. LOIC stands for “Low Orbit Ion Cannon” and is a juvenile hacking tool that simply issues hundreds of requests to the destination server, simulating hundreds of visitors to the site at once. The “hive” server coordinates the attack, directing participants’ computers at specific targets.
A few hundred participants combined, using easily downloadable software (Google it), can generate hundreds of thousands of requests and overload the Visa.com and Mastercard.com servers. Unfortunately, these days taking down the website of a Fortune 500 company is as simple as getting a few people to download and run a simple executable file with a graphical interface. No command lines or “linux-fu” required. A quick glance at the LOIC command-and-control (IRC) channel showed that at the time of MasterCard’s first downtime today, 940 computers were taking part in the attack. At the time of writing, the number of computers in the voluntary “botnet” has grown to over 1700.
Five years ago this type of attack would not have worked with so few participants. The datacenters where such corporate sites are hosted had the capacity to handle many orders of magnitude more traffic than thousands of home users could generate. However, with the abundance of fast home Internet connections brought by new cable and fiber optic technologies, datacenter bandwidth is no longer the bastion of server protection that it once was. With an average of 2-5 megabits of upstream bandwidth each (assuming low- to mid-tier residential broadband), 2000 attackers could easily saturate a 10-gigabit server connection, which is much more bandwidth than the majority of non-media Fortune 100 companies use.
How can companies prevent this type of attack? Unfortunately, your organization can be 100% PCI DSS compliant, completely free of software vulnerabilities, and able to handle hundreds of thousands of legitimate visitors (like Mastercard.com and Visa.com) and still fall prey to these technically unsophisticated, brute-force style DDoS attacks. The easiest way to protect against this type of attack is to use a DDoS mitigation service that operates “traffic cleaning centers” at peering points on the Internet backbone and forwards only valid, “clean” traffic to your servers (“DDoS Mitigation via Regional Cleaning Centers”, Agarwal 2004). This technique was first described in a joint paper released by Sprint and UC Berkeley in 2004 as more companies such as Verisign -. -. The technology
In addition to these professional services, a penetration test can be used to identify common software flaws that lead to simple denial-of-service conditions which a single attacker, rather than thousands, could trigger. Other solutions for in-house IT include using a low DNS TTL (so that when an IP address becomes the target of the attack, your company website can quickly be redirected to another server), combined with careful traffic monitoring and crafting firewall rules to block attackers whose requests follow a predictable pattern. However, the usefulness of this method is reduced against more advanced DDoS attacks that randomize requests or spoof source IP addresses.
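The traffic monitoring and firewall rule step described above, as an added example (not part of the original article or Redspin's tooling). It scans web access log lines in combined log format for clients that send a burst of near-identical requests and prints one iptables DROP rule per source; the function names, thresholds and sample log lines are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Combined log format: ip - - [time] "METHOD path proto" status size "referer" "agent"
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" \d+ \S+ "[^"]*" "([^"]*)"')

def parse(line):
    m = LINE.match(line)
    if not m:
        return None  # skip lines that are not in the expected format
    ip, ts, method, path, agent = m.groups()
    return ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), (method, path, agent)

def find_flood_sources(lines, window=10, min_requests=20, max_signatures=2):
    """Return {ip: peak_burst_size} for clients that send at least min_requests
    within `window` seconds using at most max_signatures distinct
    (method, path, user-agent) combinations, i.e. a predictable pattern."""
    by_ip = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_ip[rec[0]].append(rec[1:])
    flagged = {}
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e[0])
        start = 0
        for end in range(len(events)):
            while (events[end][0] - events[start][0]).total_seconds() > window:
                start += 1  # slide the window forward
            burst = events[start:end + 1]
            sigs = {sig for _, sig in burst}
            if len(burst) >= min_requests and len(sigs) <= max_signatures:
                flagged[ip] = max(flagged.get(ip, 0), len(burst))
    return flagged

def drop_rules(flagged, port=80):
    # One rule per flagged source; review the list before applying it.
    return [f"iptables -A INPUT -s {ip} -p tcp --dport {port} -j DROP" for ip in sorted(flagged)]

def sample_log():
    # Constructed sample: a repetitive flooder, an ordinary visitor, a fast but varied client.
    fmt = '{ip} - - [08/Dec/2010:10:00:{s:02d} +0000] "GET {p} HTTP/1.1" 200 512 "-" "{ua}"'
    flood = [fmt.format(ip="203.0.113.7", s=i // 10, p="/", ua="-") for i in range(30)]
    human = [fmt.format(ip="198.51.100.4", s=i * 10, p=f"/page{i}", ua="Mozilla/5.0") for i in range(5)]
    varied = [fmt.format(ip="192.0.2.9", s=i // 10, p=f"/item/{i}", ua="Mozilla/5.0") for i in range(30)]
    return flood + human + varied

if __name__ == "__main__":
    print("\n".join(drop_rules(find_flood_sources(sample_log()))))
```

Only the repetitive source is flagged; the equally fast client whose requests vary is not, which is the limitation the paragraph above notes for attacks that randomize requests.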
With social media allowing practically anyone to convince a few thousand people to take down a website, and with home-user Internet connectivity being what it is, this is a serious matter: keeping servers available today is a game of brute force and numbers. Is your network safe from these availability issues?
About the author
Written by Redspin engineer Joel Parish
Redspin, founded in 2000, provides the highest quality information security assessments through technical know-how, business acumen and objectivity.