Denial Of Service Attack

Denial of Service Attack

Imagine a group of junior high school kids who decide to play a prank on their least favorite teacher. They agree that they will all call the teacher's phone, as quickly as they can dial, non-stop, until he unplugs the phone in frustration.

When this happens using the Internet rather than telephones, it's called a Denial of Service attack. Such attacks are designed to either keep the target system so busy handling the attack that it can't get anything else done, or to overwhelm it into shutting down completely.

Why should anyone but a system administrator worry about denial of service attacks? Users need to be aware of something called a BotNet.

The MyDoom virus was one of the first viruses to attempt two levels of attack. First, the virus would try to spread. On infection, though, it would insert a second program into the system. Basically, on MyDoom's trigger date (February 1st, 2004), any infected system would launch a denial of service attack against MyDoom's real target.

The virus tried to establish a collection of computers that would all launch attacks on the same day. This collection is a botnet, and in the years since MyDoom pioneered the concept, literally dozens of programs have expanded on the idea.

A popular program in use today is Stacheldraht. Stacheldraht is the master program, and it manages a collection of “handler” computers. Each of these handlers can control up to a thousand “zombie” computers around the world. The hacker with the Stacheldraht master says “attack this server,” the handlers pass the word along, and thousands of systems instantly change from peaceful home computers into remote-controlled computer attackers..

Sure, it sounds like a line from a bad horror movie, but it's true. Users need to keep their systems from becoming one of Stacheldraht's zombies.